My mail server runs with a self signed certificate. So bts, configured like this ...
BTS_SMTP_HOST=mail.wgdd.de:587 BTS_SMTP_AUTH_USERNAME='user' BTS_SMTP_AUTH_PASSWORD='pass'
...lately refused to send mails with this error:
bts: failed to open SMTP connection to mail.wgdd.de:587 (SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed)
After searching a bit, I found a way to fix this locally without turning off the server certificate verification. The fix belongs into the send_mail() function. When calling the Net::SMTPS->new() constructor, it is possible to add the fingerprint of my self signed certificate like this (bold):
if (have_smtps) {
$smtp = Net::SMTPS->new($host, Port => $port,
Hello => $smtphelo, doSSL => 'starttls',
SSL_fingerprint => 'sha1$hex-fingerprint')
or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
} else {
$smtp = Net::SMTP->new($host, Port => $port, Hello => $smtphelo)
or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
}
Pretty happy to being able to use the bts command again.
I solved the same issue by just making my MTA use Let’s Encrypt, and that’s something I recommend you do too ;)
ReplyDeleteThe Dedicated Hosting is a type of website hosting mostly preferred by the large web sites or sites having huge amount of traffic and needs reliability and high-performance. minecraft server hosting
ReplyDelete