Seiten

Sunday, January 14, 2018

Make 'bts' (devscripts) accept TLS connection to mail server with self signed certificate

My mail server runs with a self signed certificate. So bts, configured like this ...

BTS_SMTP_HOST=mail.wgdd.de:587
BTS_SMTP_AUTH_USERNAME='user'
BTS_SMTP_AUTH_PASSWORD='pass'

...lately refused to send mails with this error:

bts: failed to open SMTP connection to mail.wgdd.de:587
(SSL connect attempt failed error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed)

After searching a bit, I found a way to fix this locally without turning off the server certificate verification. The fix belongs into the send_mail() function. When calling the Net::SMTPS->new() constructor, it is possible to add the fingerprint of my self signed certificate like this (bold):

if (have_smtps) {
    $smtp = Net::SMTPS->new($host, Port => $port,
        Hello => $smtphelo, doSSL => 'starttls',
        SSL_fingerprint => 'sha1$hex-fingerprint')
        or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
} else {
    $smtp = Net::SMTP->new($host, Port => $port, Hello => $smtphelo)
        or die "$progname: failed to open SMTP connection to $smtphost\n($@)\n";
}

Pretty happy to being able to use the bts command again.

6 comments:

  1. I solved the same issue by just making my MTA use Let’s Encrypt, and that’s something I recommend you do too ;)

    ReplyDelete
  2. The Dedicated Hosting is a type of website hosting mostly preferred by the large web sites or sites having huge amount of traffic and needs reliability and high-performance. minecraft server hosting

    ReplyDelete
  3. Honest enjoy to the people folks; they arrived by way of on the part of me. Obtained aggravated by my normal distributor, I have even previously bought a variety of times from Deutsche Medz nevertheless got it less expensive from various other people. Less costly isn't perpetually increased, unquestionably protrusive with you from at the moment on. Excellent from start to accomplish!

    ReplyDelete
  4. Probably the most significant aspects to clans is game servers. They have nearly grown to be a requirement for clans undertake a game server to be successful and famous in market. Industry itself is tremendously saturated with miniature and substantial companies looking to usher in your business. So what is best for any clan? best ark survival server hosting

    ReplyDelete