Hi guys!
I am trying to configure the mail in ownCloud using my institution smtp server. The problem is that this server has a “strange” SSL certificate that is causing me the following problem when I try to send an e-mail:
stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed at /home/owncloud/owncloud/3rdparty/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php#95
I saw that I needed to add the certificate to the trusted certificates. I did this by using openssl to download the certificate from smtp server, copying to /etc/pki/trust/anchors/ and running update-ca-certificates. After that, the message was changed to:
stream_socket_enable_crypto(): Peer certificate CN=`pat****' did not match expected CN=`smtp1.*****************' at /home/owncloud/owncloud/3rdparty/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php#95
I know that this seems a problem with the certificate itself, but I cannot fix it and it probably will not be fixed anytime soon. Hence, I am looking for a workaround. The only thing that I could do to make this work is described in SSL3_GET_SERVER_CERTIFICATE:certificate verify failed · Issue #544 · swiftmailer/swiftmailer · GitHub
I needed to add the lines:
$options['ssl']['verify_peer'] = FALSE;
$options['ssl']['verify_peer_name'] = FALSE;
To the function _establishSocketConnection() in owncloud/3rdparty/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php. After that, ownCloud could send e-mails correctly.
However, this seems a very big hack to me. I will need to handle it at every ownCloud (swiftmailer) update. Hence, I am wondering if there are a better way to accomplish that. I am aware of the problems I can face by setting verity_peer and verify_peer_name to false. But this is my only option.
Regards,
Ronan Arraes