Project

General

Profile

Email sending error - issue with self signed certs

Added by Zs Vizi over 1 year ago

Hi everybody!

I'm trying to set up a redmine server, with the "official" docker image on dockerHub. It is more or less working (I could successfully import all old data from our old redmine server), but I cannot make the email working.

The email server is on the same computer (some else maintains it, I cannot change the settings of it nor see logs), it can be accessed on localhost:25, with no login. The mail server uses a self-signed certificate, and it seems that this is the root of my problem. Here's an example email config (note: the address is due to docker's network handling):

production:
  delivery_method: :smtp
  smtp_settings:
    openssl_verify_mode: "none" 
    address: "host.docker.internal" 
    port: 25

This way I get the following error:

An error occurred while sending mail (454 4.7.1 <xxx@yyy.com>: Relay access denied )

If I set anything in the config file about SSL (set_starttls_enable, ssl...etc), I immediately get this error message:

An error occurred while sending mail (SSL_connect returned=1 errno=0 peeraddr=x.x.x.x:25 state=error: certificate verify failed (self signed certificate))

I tried to look for a solution online, since I've been trying for about a week with different approaches, settings, networking. I only found a few forum posts about this exact problem (redmine with self signed certs), none of them had answers, but most of them imply that newer redmine versions don't support self signed certs (see the error message above).

Has anyone any idea how to alter the config, or is it even possible?

My system:
OS: Debian 11 /though it doesn't really matter/

Redmine version: 5.0.2.stable
Ruby version: 3.1.2-p20 (2022-04-12) [x86_64-linux]
Rails version: 6.1.6
Environment: production
Database adapter: Mysql2

MySQL version:: mysql Ver 14.14 Distrib 5.7.39, for Linux (x86_64) using EditLine wrapper


Replies (5)

RE: Email sending error - issue with self signed certs - Added by Boy132 DE about 1 year ago

I have the same problem on Redmine 5.0.4 with Ruby 2.7.4:

SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate)

Setting the openssl_verify_mode to none did not help. This error did not occur on Redmine 4.x.

RE: Email sending error - issue with self signed certs - Added by Vitkor Zsitva about 1 year ago

Hello

Ruby and Redmine were also updated for me.
Redmine 5.0.4 with Ruby 2.7.4.

SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate)

Modify gems module: net-smtp
Line 601 ->

Origin: ssl_context_params[:verify_mode] = @tls_verify ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
Modify: ssl_context_params[:verify_mode] =  OpenSSL::SSL::VERIFY_NONE

systemctl restart httpd

And so I managed to solve it by force, but when I run bundle update, this modification disappears, so I will run into an error again.

RE: Email sending error - issue with self signed certs - Added by Boy132 DE about 1 year ago

I solved it by removing all tls-related config settings (in my case enable_starttls_auto) and just setting openssl_verify_mode to 'none'. After that it worked.

RE: Email sending error - issue with self signed certs - Added by Vitkor Zsitva about 1 year ago

Sometimes less settings are better? :D
Weird way I tried this idea and it works.
Thanks for the idea, so you don't have to worry about the error when updating.

RE: Email sending error - issue with self signed certs - Added by zhou zhen 5 months ago

production:
  email_delivery:
    delivery_method: :smtp
    smtp_settings:
      address: xxxxxxx
      port: 25
      disable_start_tls: true
      openssl_verify_mode: "none" 
    (1-5/5)