1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.4 XenForo SMTP settings to work with PHP 5.6 using Self-Signed Certs

Discussion in 'Troubleshooting and Problems' started by Jawsh, Aug 22, 2015.

  1. Jawsh

    Jawsh Formerly null0

    I am getting hundreds of these errors intermittently.

    Code:
    ErrorException: Email to xxx@xxx.xxx failed: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed - library/Zend/Mail/Protocol/Smtp.php:206
    This only happened once I switched over to HHVM, which required PHP5.6 to run. The issue has to do with PHP5's updated SSL interfaces and security requirements. All resources I find on the error suggest that I change settings that look like this.

    Code:
    $mail->SMTPOptions = [
        'ssl' => [
            'verify_peer' => false,
            'verify_peer_name' => false,
           'allow_self_signed' => true
    ]];
    This is apparently caused by PHP5.6 refusing to talk to the server with its self-signed cert. That needs to stop, immediately. Where can I change these settings in XenForo?
     
  2. Tracy Perry

    Tracy Perry Well-Known Member

    You change it in php.ini.
     
  3. Jawsh

    Jawsh Formerly null0

    Can you provide me documentation for this? I've been searching all day and the only thing I can find nothing on this. It appears to be an application level property.
     
  4. Tracy Perry

    Tracy Perry Well-Known Member

    PHP 5.6.0 released

    There was a lot of digging that it took to get it to work.. but in the end, the easies thing for me was getting a valid cert for the domain I do my mail serving from.

    In a nutshell,
     
    Last edited: Aug 23, 2015
  5. Jawsh

    Jawsh Formerly null0

    And thus this marks the only technical problem I've ever had that could only be resolved by spending money.

    Thanks for the help, appears to be working fine.
     
  6. Tracy Perry

    Tracy Perry Well-Known Member

    Sometimes it's worth spending the $20 or so (I get multi-year) for the cert. I figured after I had researched/dug for about 3 hours my time was worth more than that an hour. ;)
     
    Set3sh likes this.

Share This Page