Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
705 views
in Technique[技术] by (71.8m points)

php - Cannot connect to GMail SMTP (PHPMailer) - Certificate Verify Failed

Very recently encountered this error when trying to send mail via SMTP and GMail.

Warning: stream_socket_enable_crypto(): SSL operation failed with code 1.
OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in C:xampphtdocsportallibrariesphp_mailerclass.smtp.php on line 343
2017-12-05 09:48:03 SMTP Error: Could not connect to SMTP host. 
2017-12-05 09:48:03 CLIENT -> SERVER: QUIT 
2017-12-05 09:48:03 SMTP ERROR: QUIT command failed:

Server address is https://gg-portal.com, and SSL configuration seems correct (verified through online checkers).

PHPMailer code is...

$mail = new PHPMailer();
$mail->isSMTP();
$mail->Host = "smtp.gmail.com";
$mail->SMTPAuth = true;
$mail->Username = $this->_config["EmailUser"];
$mail->Password = $this->_config["EmailPass"];
$mail->SMTPSecure = "tls";
$mail->SMTPDebug = 1;
$mail->Port = 587;
$mail->FromName = $this->_config["Brand"];  
$mail->From     = $this->_config["EmailFrom"];
$mail->AddCC("...emailAddress...");
$mail->Subject  = "...subject...";
$mail->Body     = "...content...";
$mail->IsHTML(true);  
$mail->WordWrap = 50;
if(!$mail->Send()) {
    echo ' Message was not sent.';
    echo 'Mailer error: ' . $mail->ErrorInfo;
}

Have looked at the documentation which suggests certificate issues, though as stated SSL setup seems fine. Have looked into the issue elsewhere and most popular suggestions is to bypass the SSL (which works) however I'd prefer not to do this.

'context' => [
    'ssl' => [
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true
    ]
]
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

FIXED ISSUE FOR ME I fixed this issue in my windows php environment by downloading an updated root certificates file and pointing my php.ini file to it. It seems the problem was not with gmail's cert but rather with an outdated root certificate file due to windows server 2012 no longer updating this file automatically. Download cacert.pem from here: https://curl.haxx.se/docs/caextract.html. Then in php.ini use following line to point to it (assuming you have openssl.dll installed).

openssl.cafile={Path to the file on your server}cacert.pem.

That fixed it and I no longer needed to bypass SSL/TLS verification like suggested. Ultimately I need to get windows to update root certs automatically using GPO or WSUS. see https://serverfault.com/questions/541922/where-to-get-root-ca-certificates-for-windows-server-now-that-microsoft-no-longe


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...