When trying to send emails through smtp.google.com
via PHPMailer on PHP hosted by IIS on Windows 10, I get this error message:
Connection failed.
Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1.
OpenSSL Error messages
error:14090086
SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
The key part of that error I'm sure is certificate verify failed. I'm running OpenSSL and it's enabled and linked to my php. Here is some info output by my local PHP instance:
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.0.1p 9 Jul 2015
OpenSSL Header Version => OpenSSL 1.0.1p 9 Jul 2015
Directive => Local Value => Master Value
openssl.cafile => no value => no value
openssl.capath => no value => no value
Here is my PHP code:
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require 'src/Exception.php';
require 'src/PHPMailer.php';
require 'src/SMTP.php';
$mail = new PHPMailer;
$mail->isSMTP();
$mail->SMTPDebug = 2; // 0 = off (for production use) - 1 = client messages - 2 = client and server messages
$mail->Host = "smtp.gmail.com"; // use $mail->Host = gethostbyname('smtp.gmail.com'); // if your network does not support SMTP over IPv6
$mail->Port = 587; // TLS only
$mail->SMTPSecure = 'tls'; // ssl is depracated
$mail->SMTPAuth = true;
$mail->Username = $smtpUsername;
$mail->Password = $smtpPassword;
$mail->setFrom($emailFrom, $emailFromName);
$mail->addAddress($emailTo, $emailToName);
$mail->Subject = 'PHPMailer GMail SMTP test';
$mail->msgHTML("test body"); //$mail->msgHTML(file_get_contents('contents.html'), __DIR__); //Read an HTML message body from an external file, convert referenced images to embedded,
$mail->AltBody = 'HTML messaging not supported';
// $mail->addAttachment('images/phpmailer_mini.png'); //Attach an image file
if(!$mail->send()){
echo "Mailer Error: " . $mail->ErrorInfo;
}else{
echo "Message sent!";
}
I'm out of my depth regarding OpenSSL and cert issues. I have tried to understand the Updating CA certificates section of the PHPMailer troubleshooting guide, but I'm lost and confused. Can someone give me a set of steps I can follow and fix the cert problem on my local Windows 10 machine?
To paraphrase the guide, download the CA bundle from curl and store it somewhere on your file system. Take the path you saved it to and add a line to your php.ini file saying:
openssl.cafile = $path
Where $path is where you saved the CA certs to. Then restart your web server to pick up the ini change.
If that worked, you should see that setting in the output from phpinfo()
, and it should also give PHP what it needs to validate the certificate when PHPMailer uses it. Be aware that if the server is presenting a truly invalid or expired certificate, this won’t help, but given that this a well-known problem and solution, I expect it to work.