Jump to content

Question

Posted

I try to set up mail, url /admin/settings/company/emails/mail/ :

smt.mydomain.tld

port: 465

smtp-user

pass

Afrter click "Test These Settings" I recieve error message:

Connection could not be established with host "ssl://smtp-domain:465": stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

or if I try with port 587:

"Unable to connect with STARTTLS: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"

So, whats wrong and how do I configure it works?

Thanks

5 answers to this question

Recommended Posts

  • 0
Posted

What version of Blesta is this? Does the mail server have a valid SSL certificate? It may not.

Make sure the TCP egress ports are open at your firewall. If you have SSH access to your server, you can try to telnet to the mail server over the port to see if it responds.

telnet mail.server.com 587

  • 0
Posted
9 hours ago, Paul said:

What version of Blesta is this? Does the mail server have a valid SSL certificate? It may not.

Make sure the TCP egress ports are open at your firewall. If you have SSH access to your server, you can try to telnet to the mail server over the port to see if it responds.

telnet mail.server.com 587

Blesta 5.9 - the last one. Server has SSL cert, sure. It self-signed, but valid. I can connect to the server with MUA and receive/send emails from my PC. But to do that if I configure the Mail-account for the first time I have to confirm the storing of SSL cert on PC first.

Telnet don't respond on 465 (because cannot connect through SSL I think) if I close connection I see in logs on server: An unexpected TLS packet was received

Telnet on 587 respond, I see HELO message from server.

If I try to send test mail from admin panel, as before, (url /admin/settings/company/emails/mail/) I see in logs on mail server:

TLS error on connection from HOST-WITH-BLESTA (gnutls_handshake): Decryption has failed.

  • 0
Posted

Commenting for a solution and here are the solutions:

1. Login to your Server with SSH credentials

curl --insecure https://curl.se/ca/cacert.pem -o /etc/ssl/certs/ca-certificates.crt
ln -sf /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-bundle.crt

2. Edit your php ini file /etc/php.ini and add below content at end of the php.ini file

[curl]
curl.cainfo = /etc/ssl/certs/ca-certificates.crt

[openssl]
openssl.cafile = /etc/ssl/certs/ca-certificates.crt

3. Restart your web server and this will solve the error with Unable to connect with STARTTLS: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed how to fix it

 

  • 0
Posted

Thanks @WHMCSModuleNetworks

I've been banging my head with this error on AlmaLinux 9.4.

The only thing I had to change was instead of ca-certificates.crt, 9.4 apparently uses ca-bundle.crt, so in the php.ini I put:

 

[curl]
curl.cainfo = /etc/ssl/certs/ca-bundle.crt

[openssl]
openssl.cafile = /etc/ssl/certs/ca-bundle.crt

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...