如何修复SSL证书验证失败 [英] how to fix SSL certificate verification failure
问题描述
我在本地使用PHPMailer以及Apache和PHP. 当我测试我的SSL配置和我的证书时,我得到了
default_cert_file = C:\Program Files\Common Files\SSL/cert.pem
default_cert_file_env = SSL_CERT_FILE
default_cert_dir = C:\Program Files\Common Files\SSL/certs
default_cert_dir_env = SSL_CERT_DIR
default_private_dir = C:\Program Files\Common Files\SSL/private
default_default_cert_area = C:\Program Files\Common Files\SSL
ini_cafile =
ini_capath =
然后,我做了
var_dump(fsockopen("smtp.gmail.com", 465, $errno, $errstr, 3.0));
var_dump($errno);
var_dump($errstr);
我明白了
fsockopen resource(2) of type (stream) int(0) string(0) ""
在我的php.ini中,我在curl部分中具有curl.cainfo = C:/php/cacert.pem,并且它可以正常工作.
但是当我尝试使用PHPMailer从本地主机发送邮件时,我一直在获取
SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
unable to connect to ssl://smtp.gmail.com:465 (Unknown error)
我还转到了https://accounts.google.com/DisplayUnlockCaptcha中SMTP中使用的帐户,并启用了该帐户.并https://myaccount.google.com/lesssecureapps?pli=1并启用安全性较低的应用程序.
我猜这是一个SSL错误,而不是PHPMailer.坦白说,我很困惑,不知道该如何解决.请原谅我的无知,如果您对问题出在哪里以及如何解决问题有任何帮助,那就太好了.
PS,这是我发送邮件的php文件.谢谢
<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require 'C:/php/PHPMailer/src/Exception.php';
require 'C:/php/PHPMailer/src/PHPMailer.php';
require 'C:/php/PHPMailer/src/SMTP.php';
$mail = new PHPMailer(true);
try {
$mail->SMTPDebug = 3;
$mail->isSMTP();
$mail->Host = 'smtp.gmail.com';
$mail->SMTPAuth = true;
$mail->Username = 'slevin@gmail.com';
$mail->Password = 'secret';
$mail->SMTPSecure = 'ssl';
$mail->Port = 465;
//Recipients
$mail->setFrom('slevin@gmail.com');
$mail->addAddress('jacob@gmail.com');
//Content
$mail->isHTML(true);
$mail->Subject = 'subject';
$mail->Body = 'HTML message body <b>in bold!</b>';
$mail->AltBody = 'body in plain text';
$mail->send();
echo 'Message has been sent';
} catch (Exception $e) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
}
?>
更新
当我尝试使用$mail->SMTPSecure = 'ssl';和$mail->Port = 465;时,我会得到
2017-10-01 13:04:25 Connection: opening to ssl://smtp.gmail.com:465, timeout=300, options=array()
2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [C:\php\PHPMailer\src\SMTP.php line 324]
2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): Failed to enable crypto [C:\php\PHPMailer\src\SMTP.php line 324]
2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): unable to connect to ssl://smtp.gmail.com:465 (Unknown error) [C:\php\PHPMailer\src\SMTP.php line 324]
2017-10-01 13:04:26 SMTP ERROR: Failed to connect to server: (0)
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Message could not be sent.Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
当我尝试使用$mail->SMTPSecure = 'tls';和$mail->Port = 587;时,我会得到
2017-10-01 13:07:20 Connection: opening to smtp.gmail.com:587, timeout=300, options=array()
2017-10-01 13:07:21 Connection: opened
2017-10-01 13:07:21 SERVER -> CLIENT: 220 smtp.gmail.com ESMTP l4sm5217189wrb.74 - gsmtp
2017-10-01 13:07:21 CLIENT -> SERVER: EHLO localhost
2017-10-01 13:07:21 SERVER -> CLIENT: 250-smtp.gmail.com at your service, [85.75.196.114]250-SIZE 35882577250-8BITMIME250-STARTTLS250-ENHANCEDSTATUSCODES250-PIPELINING250 SMTPUTF8
2017-10-01 13:07:21 CLIENT -> SERVER: STARTTLS
2017-10-01 13:07:21 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
2017-10-01 13:07:21 Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [C:\php\PHPMailer\src\SMTP.php line 403]
SMTP Error: Could not connect to SMTP host.
2017-10-01 13:07:21 CLIENT -> SERVER: QUIT
2017-10-01 13:07:21 SERVER -> CLIENT:
2017-10-01 13:07:21 SMTP ERROR: QUIT command failed:
2017-10-01 13:07:21 Connection: closed
SMTP Error: Could not connect to SMTP host.
Message could not be sent.Mailer Error: SMTP Error: Could not connect to SMTP host.
只是出现了相同的错误消息,也许您遇到了相同的问题:
- 我的证书很好(我可以无任何问题地进入HTTPS域)
- 无法通过PHP的
stream_context_create和stream_socket_client运行相同的请求
- 我希望检查SSL证书
通过cURL测试相同的域返回
: curl: (60) SSL certificate problem: certificate is not yet valid
证明我同时运行PHP和cURL的虚拟机有11天的错误(12月11日而不是12月22日).
通过固定计算机/虚拟机的日期(使用ntp,ntpdate-debian等),证书测试现在可以在cURL命令行或PHP中正常运行.
I use PHPMailer, along with Apache and PHP, locally. When I test my SSL config and my cacerts I get
default_cert_file = C:\Program Files\Common Files\SSL/cert.pem
default_cert_file_env = SSL_CERT_FILE
default_cert_dir = C:\Program Files\Common Files\SSL/certs
default_cert_dir_env = SSL_CERT_DIR
default_private_dir = C:\Program Files\Common Files\SSL/private
default_default_cert_area = C:\Program Files\Common Files\SSL
ini_cafile =
ini_capath =
and then, I do
var_dump(fsockopen("smtp.gmail.com", 465, $errno, $errstr, 3.0));
var_dump($errno);
var_dump($errstr);
and I get
fsockopen resource(2) of type (stream) int(0) string(0) ""
In my php.ini I have curl.cainfo = C:/php/cacert.pem in the curl part and it works.
But when I try to use PHPMailer to send a mail from localhost, I keep getting
SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Failed to enable crypto
unable to connect to ssl://smtp.gmail.com:465 (Unknown error)
I also went to the account used in the SMTP, in https://accounts.google.com/DisplayUnlockCaptcha and enable it. And to https://myaccount.google.com/lesssecureapps?pli=1 and enabled less secured apps.
I guess this is an SSL error and not a PHPMailer. Frankly, I am confused dont know how to fix it. Excuse my ignorance, any help on whats is going wrong and how to fix it , would be great.
PS, this my php file that sends the mail. Thank you
<?php
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require 'C:/php/PHPMailer/src/Exception.php';
require 'C:/php/PHPMailer/src/PHPMailer.php';
require 'C:/php/PHPMailer/src/SMTP.php';
$mail = new PHPMailer(true);
try {
$mail->SMTPDebug = 3;
$mail->isSMTP();
$mail->Host = 'smtp.gmail.com';
$mail->SMTPAuth = true;
$mail->Username = 'slevin@gmail.com';
$mail->Password = 'secret';
$mail->SMTPSecure = 'ssl';
$mail->Port = 465;
//Recipients
$mail->setFrom('slevin@gmail.com');
$mail->addAddress('jacob@gmail.com');
//Content
$mail->isHTML(true);
$mail->Subject = 'subject';
$mail->Body = 'HTML message body <b>in bold!</b>';
$mail->AltBody = 'body in plain text';
$mail->send();
echo 'Message has been sent';
} catch (Exception $e) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
}
?>
Update
When I try with $mail->SMTPSecure = 'ssl'; and $mail->Port = 465; I get
2017-10-01 13:04:25 Connection: opening to ssl://smtp.gmail.com:465, timeout=300, options=array()
2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [C:\php\PHPMailer\src\SMTP.php line 324]
2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): Failed to enable crypto [C:\php\PHPMailer\src\SMTP.php line 324]
2017-10-01 13:04:26 Connection failed. Error #2: stream_socket_client(): unable to connect to ssl://smtp.gmail.com:465 (Unknown error) [C:\php\PHPMailer\src\SMTP.php line 324]
2017-10-01 13:04:26 SMTP ERROR: Failed to connect to server: (0)
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
Message could not be sent.Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting
When I try with $mail->SMTPSecure = 'tls'; and $mail->Port = 587; I get
2017-10-01 13:07:20 Connection: opening to smtp.gmail.com:587, timeout=300, options=array()
2017-10-01 13:07:21 Connection: opened
2017-10-01 13:07:21 SERVER -> CLIENT: 220 smtp.gmail.com ESMTP l4sm5217189wrb.74 - gsmtp
2017-10-01 13:07:21 CLIENT -> SERVER: EHLO localhost
2017-10-01 13:07:21 SERVER -> CLIENT: 250-smtp.gmail.com at your service, [85.75.196.114]250-SIZE 35882577250-8BITMIME250-STARTTLS250-ENHANCEDSTATUSCODES250-PIPELINING250 SMTPUTF8
2017-10-01 13:07:21 CLIENT -> SERVER: STARTTLS
2017-10-01 13:07:21 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
2017-10-01 13:07:21 Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [C:\php\PHPMailer\src\SMTP.php line 403]
SMTP Error: Could not connect to SMTP host.
2017-10-01 13:07:21 CLIENT -> SERVER: QUIT
2017-10-01 13:07:21 SERVER -> CLIENT:
2017-10-01 13:07:21 SMTP ERROR: QUIT command failed:
2017-10-01 13:07:21 Connection: closed
SMTP Error: Could not connect to SMTP host.
Message could not be sent.Mailer Error: SMTP Error: Could not connect to SMTP host.
Just had the same error message, maybe you've got the same issue:
- my certificate is good (I can go to the HTTPS domain without any issue)
- can't run the same request through PHP's
stream_context_createandstream_socket_client - I want SSL certificate to be checked
Testing the same domain through cURL returned:
curl: (60) SSL certificate problem: certificate is not yet valid
Turns out my virtual machine in which I've run both PHP and cURL had 11 days of error (december 11th instead of december 22th).
By fixing the computer/virtual machine's date (using ntp, ntpdate-debian or the like), the certificate test now runs fine, in both cURL command-line or PHP.
这篇关于如何修复SSL证书验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
