Sunday, January 14, 2018

Make 'bts' (devscripts) accept TLS connection to mail server with self signed certificate

My mail server runs with a self signed certificate. So bts, configured like this ...

BTS_SMTP_HOST=mail.wgdd.de:587
BTS_SMTP_AUTH_USERNAME='user'
BTS_SMTP_AUTH_PASSWORD='pass'

...lately refused to send mails with this error:

bts: failed to open SMTP connection to mail.wgdd.de:587
(SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed)

After searching a bit, I found a way to fix this locally without turning off the server certificate verification. The fix belongs into the send_mail() function. When calling the Net::SMTPS->new() constructor, it is possible to add the fingerprint of my self signed certificate like this (bold):

if (have_smtps) {
    $smtp = Net::SMTPS->new($host, Port => $port,
        Hello => $smtphelo, doSSL => 'starttls',
        SSL_fingerprint => 'sha1$hex-fingerprint')
        or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
} else {
    $smtp = Net::SMTP->new($host, Port => $port, Hello => $smtphelo)
        or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
}

Pretty happy to being able to use the bts command again.

Posted by at
Labels: , , , , ,

6 comments:

  1. Andrej ShaduraJanuary 14, 2018 at 1:34 PM

    I solved the same issue by just making my MTA use Let’s Encrypt, and that’s something I recommend you do too ;)

    ReplyDelete
  2. Mueeid KhanMarch 22, 2019 at 6:06 PM

    The Dedicated Hosting is a type of website hosting mostly preferred by the large web sites or sites having huge amount of traffic and needs reliability and high-performance. minecraft server hosting

    ReplyDelete
  3. yanmaneeeJune 19, 2019 at 3:02 PM

    jordan shoes
    gucci belts
    air max
    chrome hearts outlet
    yeezy
    moncler
    ferragamo belt
    balenciaga shoes
    off white nike
    hermes belts

    ReplyDelete
  4. JohnFebruary 5, 2020 at 12:01 PM

    a

    ReplyDelete
  5. Fiona DukeFebruary 6, 2020 at 7:09 AM

    Honest enjoy to the people folks; they arrived by way of on the part of me. Obtained aggravated by my normal distributor, I have even previously bought a variety of times from Deutsche Medz nevertheless got it less expensive from various other people. Less costly isn't perpetually increased, unquestionably protrusive with you from at the moment on. Excellent from start to accomplish!

    ReplyDelete
  6. Kevin HorganMarch 31, 2020 at 11:36 AM

    Probably the most significant aspects to clans is game servers. They have nearly grown to be a requirement for clans undertake a game server to be successful and famous in market. Industry itself is tremendously saturated with miniature and substantial companies looking to usher in your business. So what is best for any clan? best ark survival server hosting

    ReplyDelete

Subscribe to: Post Comments (Atom)