I am trying to configure Nextcloud to use the EMail feature in additional settings, however it keeps returning the following error - A problem occurred while sending the email. Please revise your settings. (Error: Unable to connect with TLS encryption)
I know this isn’t the case as I can log in to the dedicated account using my email client, using IMAP and SMTP. My server requires STARTTLS and I connect on port 587. Not sure why Nextcloud won’t connect.
The GitHub issue seems to be related to the Mail app, not the functionality built in to Nextcloud for password reset etc., are both issues linked?
I don’t have the mail app installed as according to this page https://docs.nextcloud.com/server/12/admin_manual/configuration_server/email_configuration.html Nextcloud has basic functionality built in to connect to my SMTP server.
I am running the latest stable, v12.0.3
needed informations are missing, still. sorry.
pls install app “issue template” - fill in missing infos there and copy&paste it’s output here.
sorry, misunderstood your request, post withdrawn.
Problem solved. It was because I use a self signed certificate on my mail server. Add options to StreamBuffer.php in the 3rdParty/Swiftmailer directory and all sorted now.
I have a same problem.
How to change StreamBuffer.php
I found some post on internet in which it is described to add
$transport = Swift_SmtpTransport::newInstance(‘fqdn.mailserver.com’, 587, ‘tls’)
->setStreamOptions(array(‘ssl’ => array(‘allow_self_signed’ => true, ‘verify_peer’ => false)));
I changed and i don’t have eror (Error: Unable to connect with TLS encryption), but when i want to send a test email, test is in sending process and still waiting.
could you please add some more information, how you changed it?
Hi, I’ve NC14 now and the same Problem with my own Mail-Server.
The security is all right and I also have DANE-Support !
But I have an self-signed Mail-Server certificate, which is OK with the right TLSA-Record!
In NC this is not supportet. In an “all-self-hostet system” might this be a fault.
I’ve researched and modify line 263 in file:
$this->stream = @stream_socket_client($host.’:’.$this->params[‘port’], $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, stream_context_create(array(‘ssl’=>[‘verify_peer’=>false, ‘verify_peer_name’=>false, ‘allow_self_signed’=>true])));
Now I can send mails with my own mail-server with self-signed certificates over TLS !
I think on an nextcloud update, it will be resettet.
unless you won’t file an issue about this on github (and having it solved) it sure enough will be reset by next update
no, there is no problem in the program.
I lower the security level with this setting! Because all certificates are accepted and no CA is checked. Especially since the switch exists, it only has to be adjusted.
The right way would be:
- store the serial number of my self-signed mailserver-certificate in NC.
- add my own CA-cert to the list of accepted CA authorities.
- NC is able to check valid self-signed certificates using the TLSA record in the DNS.
this could be regarded as a problem prolly it’s unwanted to the devs.
but i see your point to NOT file an isse on github. which means: next update --> all gone
What do you mean by that?
I know for myself that it will be lost. That is exactly what I said myself before. So what are you trying to tell me?
i was just trying to tell you that your anticipation
would be correct. nothing more.
I confirm that this is still an issue on Nextcloud17.0.2, and that this workaround still works, and that it would be nice to see this included as a setting in Core
no github-issue filed, no solution
On Nextcloud Version 19.0.1 The solution is to add this to your
"mail_smtpstreamoptions" => array(
'ssl' => array(
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false
This solved the problem for me.
This fix works for 19.0.2 as well.
Thanks, your configuration helped, also for Nextcloud 20!
This worked for me. Thank you so much…
“mail_smtpstreamoptions” => array(
‘ssl’ => array(
‘allow_self_signed’ => true,
‘verify_peer’ => false,
‘verify_peer_name’ => false
Is there a way to get more detailed errors? I already know I’m doing weird things, so I’m not sure exactly where its going wrong. I did the above, but when I try to connect to 127.0.0.1 I get the generic “Could not open secure TLS connection to the IMAP server.”
Im using socat to forward 127.0.0.1:1144 to remote host 192.168.136.138 which forwards that to a service listening on 127.0.0.1:1143 on that host (not my nextcloud instance). I can connect with telnet. Just trying to get more info. Enabling Debug logging didn’t give me any more info.
(Edit for clarity)