Error: Hostname/IP doesn't match certificate's altnames node.js

sarya picture sarya · Apr 18, 2017 · Viewed 10.1k times · Source

i want tom send email from my application using nodemailer , my code looks like this :

var smtpTransport = nodemailer.createTransport(smtpTransport({
          pool: true,
        host: 'smtp.myemailserver.com',
        port: 587,
        auth: {
            user: '[email protected]',
            pass: '******'
        }
}));
var mailOptions = {
    from: '[email protected]',
    to: '[email protected]',
    subject: 'test ',
    text: 'Hello world ',
    html: '<b>Hello world </b>'
    };

smtpTransport.sendMail(mailOptions, function(error, info){
    if(error){
       console.log(error);
    }else{
    console.log('Message sent: ' + info.response);
    }
});

but i get error that i can't figure out :

 [Error: Hostname/IP doesn't match certificate's altnames: "Host: smtp.myemailserver.com. is not in the cert's altnames: DNS:secure.emailsrvr.com, DNS:www.secure.myemailserver.com"]
      reason: 'Host: smtp.myemailserverr.com. is not in the cert\'s altnames: DNS:secure.myemailserver.com, DNS:www.myemailserver.com',
      host: 'smtp.myemailserver.com.',
      cert: 
       { subject: { OU: [Object], CN: 'secure.myemailserver.com' },
         issuer: 
          { C: 'GB',
            ST: 'Greater Manchester',
            L: 'Salford',
            O: 'COMODO CA Limited',
            CN: 'COMODO RSA Domain Validation Secure Server CA' },
         subjectaltname: 'DNS:secure.emailsrvr.com, DNS:www.secure.myemailserver.com',
         infoAccess: { 'CA Issuers - URI': [Object], 'OCSP - URI': [Object] }

i tried to add

tls { 
rejectUnauthorized: false 
} 

to email option but that causes blocking my email , so please any help

Answer

Jack Miner Ewes picture Jack Miner Ewes · Aug 16, 2017

Not sure you're missing the colon in your code like in your question, but it should be:

tls: { 
    rejectUnauthorized: false 
}

In my experience, that's all you need to get around cert name mismatches. The whole transport options should look like this:

var smtpTransport = nodemailer.createTransport(smtpTransport({
    pool: true,
    host: 'smtp.myemailserver.com',
    port: 587,
    auth: {
        user: '[email protected]',
        pass: '******'
    },
    tls: {
        rejectUnauthorized: false
    }

Also keep in mind this leaves you vulnerable to MITM attacks on SSL.