SMTP Error - stream_socket_enable_crypto(): Peer certificate CN did not match expected CN

Slavik

Slavik

XenForo moderator
Staff member
Posting this up for reference to be found easily.

A lot of people upgrading to PHP 5.6+ are running into the following error:

ErrorException: Email to [email address] failed: stream_socket_enable_crypto(): Peer certificate CN=`[hostname]' did not match expected CN=`[target hostname]' - library/Zend/Mail/Protocol/Smtp.php:206

As of PHP 5.6 peer verification is enabled by default (http://php.net/manual/en/migration56.openssl.php).

If you are running WHM or Plesk, I found the issue could be resolved as follows:

WHM: Change the “Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)” from “On” to “Off”.

Plesk: Create a new subscription with the URL set as the server host address, then assign it a SSL cert via the lets encrypt plugin.
 
Sort by date Sort by votes
Slavik said:
Plesk: Create a new subscription with the URL set as the server host address, then assign it a SSL cert via the lets encrypt plugin.
Click to expand...

Or,
if everything has worked so far under Plesk and the error occurs after renewing the certificate, then first check the settings under: (Replace YourID with your Plesk DomainID) "/modules/sslit/index.php/index/certificate/id/YourID".

It could be that there, the domain, is no longer assigned an email certificate.
If so, click on the tab advanced settings and activate "protect webmail" and/or "protect email".

Thanks to @Slavik your hint put me to the right way before I mess up all my mail settings in XF ;)
 
Upvote 0 Downvote
Hi,
"WHM: Change the “Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)” from “On” to “Off”."
this works for me for my forum , i am using private mail but the other websites on the server cannot send emails anymore from local smtp
 
Upvote 0 Downvote
Karanjot said:
Hi,
"WHM: Change the “Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)” from “On” to “Off”."
this works for me for my forum , i am using private mail but the other websites on the server cannot send emails anymore from local smtp
Click to expand...

Check out my new guide here

xenforo.com

Unmaintained - How to use self signed certs for SSL/TLS IMAP and SMTP.

If you have an SMTP or IMAP server that has a self signed certifcate, you will need to make 2 file edits to prevent a connection failure. src/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php paste this after $options...
xenforo.com xenforo.com
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Mr Lucky
  • Question Question
XF 2.3 email error stream_socket_enable_crypto(): SSL operation failed with code 1.
Replies
2
Views
35
Mr Lucky
Mr Lucky
findozor
  • Question Question
XF 2.2 ErrorException: Job XF:EmailUnsubscribe: [E_WARNING] stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:0A
Replies
2
Views
322
findozor
findozor
BassMan
  • Question Question
XF 2.0 ErrorException: Email to name@myemail.com failed: [E_WARNING] stream_socket_enable_crypto():
Replies
11
Views
1K
BassMan
BassMan
Back
Top Bottom