Geek Answers Handbook

Laravel SMTP Driver with TLS Encryption

I am trying to send an email with this configuration:

return [ 'driver' => 'smtp', 'host' => 'mail.mydomain.com', 'port' => 26, 'from' => ['address' => ' mailer@mydomain.com ', 'name' => 'Mailer'], 'encryption' => 'tls', 'username' => env('MAIL_USERNAME'), 'password' => env('MAIL_PASSWORD'), 'sendmail' => '/usr/sbin/sendmail -bs', 'pretend' => false, ];

When I submit the form, I get this erorr:

 ErrorException in StreamBuffer.php line 95: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

I found this solution where people seem to have solved the problem with the same library, but I cannot solve it in Laravel.

https://github.com/PHPMailer/PHPMailer/issues/368

+5
source share
3 answers

Well, in this link you provided the solution straightforwardly.

The correct solution is to fix your SSL configuration - this is not a PHP error!

+4
source

Add this at the bottom of your /mail.php configuration

 'stream' => [ 'ssl' => [ 'allow_self_signed' => true, 'verify_peer' => false, 'verify_peer_name' => false, ], ],

this will solve your problem.

+12
source

In my case, the problem was with SSL. My SMTP has a self-signed certificate, and my laravel runs on top of PHP 5.6, which disables the context variable allow_self_signed to false and allows "verify_peer" and therefore gives an error when sending emails.

Since I did not want to crack the swiftmailer code, I added my Server Certificate Authority (CA) file as a trusted CA for my system running laravel.

I did this by getting my smtp server CA certificate, something like

 -----BEGIN CERTIFICATE----- MIIElTCCA32gAwIBAgIJAMZjjNg64RQwMA0GCSqGSIb3DQEBCwUAMIGNMQswCQYD VQQGEwJVUzEMMAoGA1UECBMDTi9BMQwwCgYDVQQHEwNOL0ExJDAiBgNVBAoTG1pp ... 5a8a4QEwWmnAOgHetsOCvhfeGW3yAJPD8Q== -----END CERTIFICATE-----

and write it in my laravel machine which has Ubuntu 14.04 for a file named /usr/local/share/ca-certificates/my_cert.crt . It is imperative to complete the .crt file as well as make it accessible to everyone.

Then call update-ca-certificates , and the certificate will be added to the list of valid certificate authorities of your server.

+2
source

More articles:


All Articles