how to fix SSL certificate verification failure
Just had the same error message, maybe you've got the same issue:
- my certificate is good (I can go to the HTTPS domain without any issue)
- can't run the same request through PHP's
stream_context_create
andstream_socket_client
- I want SSL certificate to be checked
Testing the same domain through cURL returned:
curl: (60) SSL certificate problem: certificate is not yet valid
Turns out my virtual machine in which I've run both PHP and cURL had 11 days of error (december 11th instead of december 22th).
By fixing the computer/virtual machine's date (using ntp
, ntpdate-debian
or the like), the certificate test now runs fine, in both cURL command-line or PHP.
slevin
aspiring web developer - html5 and web mapping enthusiast. mainly work with apache, geoserver, openlayers, html5, php, mysql, postgresql/postgis, javascript, jquery SOreadytohelp
Updated on July 11, 2022Comments
-
slevin almost 2 years
I use PHPMailer, along with Apache and PHP, locally. When I test my SSL config and my cacerts I get
default_cert_file = C:\Program Files\Common Files\SSL/cert.pem default_cert_file_env = SSL_CERT_FILE default_cert_dir = C:\Program Files\Common Files\SSL/certs default_cert_dir_env = SSL_CERT_DIR default_private_dir = C:\Program Files\Common Files\SSL/private default_default_cert_area = C:\Program Files\Common Files\SSL ini_cafile = ini_capath =
and then, I do
var_dump(fsockopen("smtp.gmail.com", 465, $errno, $errstr, 3.0)); var_dump($errno); var_dump($errstr);
and I get
fsockopen resource(2) of type (stream) int(0) string(0) ""
In my
php.ini
I havecurl.cainfo = C:/php/cacert.pem
in thecurl
part and it works.But when I try to use PHPMailer to send a mail from localhost, I keep getting
SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed Failed to enable crypto unable to connect to ssl://smtp.gmail.com:465 (Unknown error)
I also went to the account used in the SMTP, in
https://accounts.google.com/DisplayUnlockCaptcha
and enable it. And tohttps://myaccount.google.com/lesssecureapps?pli=1
and enabled less secured apps. I guess this is an SSL error and not a PHPMailer. Frankly, I am confused dont know how to fix it. Excuse my ignorance, any help on whats is going wrong and how to fix it , would be great.PS, this my php file that sends the mail. Thank you
<?php use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\Exception; require 'C:/php/PHPMailer/src/Exception.php'; require 'C:/php/PHPMailer/src/PHPMailer.php'; require 'C:/php/PHPMailer/src/SMTP.php'; $mail = new PHPMailer(true); try { $mail->SMTPDebug = 3; $mail->isSMTP(); $mail->Host = 'smtp.gmail.com'; $mail->SMTPAuth = true; $mail->Username = '[email protected]'; $mail->Password = 'secret'; $mail->SMTPSecure = 'ssl'; $mail->Port = 465; //Recipients $mail->setFrom('[email protected]'); $mail->addAddress('[email protected]'); //Content $mail->isHTML(true); $mail->Subject = 'subject'; $mail->Body = 'HTML message body <b>in bold!</b>'; $mail->AltBody = 'body in plain text'; $mail->send(); echo 'Message has been sent'; } catch (Exception $e) { echo 'Message could not be sent.'; echo 'Mailer Error: ' . $mail->ErrorInfo; } ?>
Update
When I try with
$mail->SMTPSecure = 'ssl';
and$mail->Port = 465;
I get2017-10-01 13:04:25 Connection: opening to ssl://smtp.gmail.com:465, timeout=300, options=array() 2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [C:\php\PHPMailer\src\SMTP.php line 324] 2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): Failed to enable crypto [C:\php\PHPMailer\src\SMTP.php line 324] 2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): unable to connect to ssl://smtp.gmail.com:465 (Unknown error) [C:\php\PHPMailer\src\SMTP.php line 324] 2017-10-01 13:04:26 SMTP ERROR: Failed to connect to server: (0) SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting Message could not be sent.Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
When I try with
$mail->SMTPSecure = 'tls';
and$mail->Port = 587;
I get2017-10-01 13:07:20 Connection: opening to smtp.gmail.com:587, timeout=300, options=array() 2017-10-01 13:07:21 Connection: opened 2017-10-01 13:07:21 SERVER -> CLIENT: 220 smtp.gmail.com ESMTP l4sm5217189wrb.74 - gsmtp 2017-10-01 13:07:21 CLIENT -> SERVER: EHLO localhost 2017-10-01 13:07:21 SERVER -> CLIENT: 250-smtp.gmail.com at your service, [85.75.196.114]250-SIZE 35882577250-8BITMIME250-STARTTLS250-ENHANCEDSTATUSCODES250-PIPELINING250 SMTPUTF8 2017-10-01 13:07:21 CLIENT -> SERVER: STARTTLS 2017-10-01 13:07:21 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS 2017-10-01 13:07:21 Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [C:\php\PHPMailer\src\SMTP.php line 403] SMTP Error: Could not connect to SMTP host. 2017-10-01 13:07:21 CLIENT -> SERVER: QUIT 2017-10-01 13:07:21 SERVER -> CLIENT: 2017-10-01 13:07:21 SMTP ERROR: QUIT command failed: 2017-10-01 13:07:21 Connection: closed SMTP Error: Could not connect to SMTP host. Message could not be sent.Mailer Error: SMTP Error: Could not connect to SMTP host.