Search…

X3 Photo Gallery Support Forums

Search…
 
Eightkiller
Experienced
Topic Author
Posts: 116
Joined: 15 Jul 2012, 14:34

Auto-signed SSL certificate and PHPMailer issues

29 May 2017, 12:07

Hy,

I have some trouble with the contact mailing forms since I'm using HTTPS for my gallery with an auto-signed certificate. I managed to work around it by modifying 
the connect() function in class.smtp.php file, I added some options to skip the verification which was preventing me from sending mail. It's not very pretty but it's an ok workaround, no sensitive data.
Code
 public function connect($host, $port = null, $timeout = 30, $options = array())
    {
if(count($options)==0){
$options["ssl"]=array("verify_peer"=>false,"verify_peer_name"=>false,"allow_self_signed"=>true);
}
If you have a better solution, I'm all ears ! 

Yet, now the emails are properly sent, but I always get the X red icon , same case as when the mail has not been sent due to an error. Could you help me and tell me what I need to change in order to get the V green icon   and a "Message properly sent" in my case ? (Maybe changing some if case  somewhere ?)

Thanks in advance for your help :)

P.S. (I know I'm always asking some weird stuff loool), you can test it here if you want : https://www.insightspirit.com/contact
 
User avatar
mjau-mjau
X3 Wizard
Posts: 13993
Joined: 30 Sep 2006, 03:37

Re: Auto-signed SSL certificate and PHPMailer issues

29 May 2017, 12:42

I'm really not sure why you have to edit the PHPMailer class, which is the worlds most popular PHP mailer, and should under no circumstances have to be edited: https://github.com/PHPMailer/PHPMailer.  If any specific issue related to not being able to send through this mailer class using standard options, then why not make a post in their issues at Github? If it's a common issue, for sure they would have covered it by now.

We also use HTTPS for all our websites, with "self-signed server certificates" (which I assume is the same as what you are referring to), without mail issues. I am not quite sure why this requires any specific settings ... You are using SMTP I assume? This would normally point to a different server than what your website is running on.
 
User avatar
mjau-mjau
X3 Wizard
Posts: 13993
Joined: 30 Sep 2006, 03:37

Re: Auto-signed SSL certificate and PHPMailer issues

29 May 2017, 12:47

Eightkill wrote:P.S. (I know I'm always asking some weird stuff loool), you can test it here if you want : https://www.insightspirit.com/contact
Beautiful website!
 
Eightkiller
Experienced
Topic Author
Posts: 116
Joined: 15 Jul 2012, 14:34

Re: Auto-signed SSL certificate and PHPMailer issues

07 Jun 2017, 04:57

Yes, i don't get what's not working, still investigating, if u have any idea:

Here is what I get :
Code
2017-06-07 08:33:50 Connection: opening to mail.insightspirit.com:25, timeout=300, options=array (
                                     )
2017-06-07 08:33:50 Connection: opened
2017-06-07 08:33:50 SERVER -> CLIENT: 220 vps1550-cloud.dns26.com ESMTP Postfix
2017-06-07 08:33:50 CLIENT -> SERVER: EHLO www.insightspirit.com
2017-06-07 08:33:50 SERVER -> CLIENT: 250-vps1550-cloud.dns26.com
                                     250-PIPELINING
                                     250-SIZE 40960000
                                     250-ETRN
                                     250-STARTTLS
                                     250-AUTH DIGEST-MD5 LOGIN PLAIN CRAM-MD5
                                     250-ENHANCEDSTATUSCODES
                                     250-8BITMIME
                                     250 DSN
2017-06-07 08:33:50 CLIENT -> SERVER: STARTTLS
2017-06-07 08:33:50 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS

Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /var/www/vhosts/insightspirit.com/httpdocs/extensions/PHPMailer/class.smtp.php on line 347
2017-06-07 08:33:50 SMTP Error: Could not connect to SMTP host.
2017-06-07 08:33:50 CLIENT -> SERVER: QUIT
2017-06-07 08:33:50 SERVER -> CLIENT: K
2017-06-07 08:33:50 SMTP ERROR: QUIT command failed: K
2017-06-07 08:33:50 Connection: closed
2017-06-07 08:33:50 SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Message could not be sent.Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
My self signed certificate seem to work properly, I'm using cloudflare on top of the website too. I managed as I said above to force the sending , but it's not a proper solution, I should not have to modify PHPMailer, in order to bypass the checking (not safe).

It might be a client error (chrome, firefox, etc.) for not acknoleging the certificate ?

I'm still waiting before posting on their github, cause it seems to be a classical problem.

Thanks in advance.
 
User avatar
mjau-mjau
X3 Wizard
Posts: 13993
Joined: 30 Sep 2006, 03:37

Re: Auto-signed SSL certificate and PHPMailer issues

08 Jun 2017, 01:33

My expertise is not top notch in regards to this, but I can tell you the following: It's certainly nothing to do with browser, as the entire operation occurs from on server, including the request to the SMTP server. Only the success/fail response is forwarded to browser.

Furthermore, it's never gonna be Cloudflare unless you are specifically routing mail.insightspirit.com through Cloudflare. Even if it was though, I don't see how that would be a problem.

In fact, the MAIL issue has nothing to do with your website or browser. It is strictly related to "mail.insightspirit.com", which is not even the same server as the website. Is this your hosting company who setup the email domain? I don't see how your email server is under any "self signed ssl certificate" ... Either it's secure or it's not (it probably is). Just to demonstrate, your website is SSL:
Image

Your mail server is not related to the domain/website/certificate:
Image

The issue is likely just related to your port/login details somehow. Normally, shared hosting provider offer UNIQUE mail server addresses, which your "mail.insightspirit.com" is just an alias for anyway ... It would normally be something like pg3x-kx4c.hosting-mail.something.com. I think perhaps the core issue here is getting over-complicated.
 
Eightkiller
Experienced
Topic Author
Posts: 116
Joined: 15 Jul 2012, 14:34

Re: Auto-signed SSL certificate and PHPMailer issues

11 Jun 2017, 13:10

I managed to find a workaround, but there were many problems with ghosts "things" with cloudflare since I reinstalled everything on my server. with missing files or cached ones, etc. I cleared everything properly first to only use the SSL Certificate installed on my server not mixed with the cloudflare's one and I had to modify the checking like this:
Code
$SMTPOptions = array(
    'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true
)
);
It's what's recommended on the github, checking problems appeared since php 5.6, u have to have a valid certificate bought from a valid list, not an self-signed one as they say. I don't know what u did to make it work with a self-signed one.

Yet it's working now, it's less secure but it's ok, the security level it offers is sufficient for my use here. But I would still like to understand how to do it properly with a self-signed one, on my private server.