needed informations are missing, still. sorry.
pls install app “issue template” - fill in missing infos there and copy&paste it’s output here.
sorry, misunderstood your request, post withdrawn.
Problem solved. It was because I use a self signed certificate on my mail server. Add options to StreamBuffer.php in the 3rdParty/Swiftmailer directory and all sorted now.
I have a same problem.
How to change StreamBuffer.php
I found some post on internet in which it is described to add
Blockquote
$transport = Swift_SmtpTransport::newInstance(‘fqdn.mailserver.com’, 587, ‘tls’)
->setUsername(‘user’)
->setPassword(‘Password’)
->setStreamOptions(array(‘ssl’ => array(‘allow_self_signed’ => true, ‘verify_peer’ => false)));
Blockquote
/var/www/nextcloud/3rdparty/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php
I changed and i don’t have eror (Error: Unable to connect with TLS encryption), but when i want to send a test email, test is in sending process and still waiting.
could you please add some more information, how you changed it?
Hi, I’ve NC14 now and the same Problem with my own Mail-Server.
The security is all right and I also have DANE-Support !
But I have an self-signed Mail-Server certificate, which is OK with the right TLSA-Record!
In NC this is not supportet. In an “all-self-hostet system” might this be a fault.
I’ve researched and modify line 263 in file:
/var/www/nextcloud/3rdparty/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php
$this->stream = @stream_socket_client($host.’:’.$this->params[‘port’], $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, stream_context_create(array(‘ssl’=>[‘verify_peer’=>false, ‘verify_peer_name’=>false, ‘allow_self_signed’=>true])));
Now I can send mails with my own mail-server with self-signed certificates over TLS !
I think on an nextcloud update, it will be resettet.
chears
unless you won’t file an issue about this on github (and having it solved) it sure enough will be reset by next update
no, there is no problem in the program.
I lower the security level with this setting! Because all certificates are accepted and no CA is checked. Especially since the switch exists, it only has to be adjusted.
The right way would be:
- store the serial number of my self-signed mailserver-certificate in NC.
or better: - add my own CA-cert to the list of accepted CA authorities.
or best: - NC is able to check valid self-signed certificates using the TLSA record in the DNS.
this could be regarded as a problem prolly it’s unwanted to the devs.
but i see your point to NOT file an isse on github. which means: next update → all gone
What do you mean by that?
I know for myself that it will be lost. That is exactly what I said myself before. So what are you trying to tell me?
i was just trying to tell you that your anticipation
would be correct. nothing more.
cheerio
jimmy
I confirm that this is still an issue on Nextcloud17.0.2, and that this workaround still works, and that it would be nice to see this included as a setting in Core
no github-issue filed, no solution
On Nextcloud Version 19.0.1 The solution is to add this to your config.php
file.
"mail_smtpstreamoptions" => array(
'ssl' => array(
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false
)
),
This solved the problem for me.
This fix works for 19.0.2 as well.
Thanks, your configuration helped, also for Nextcloud 20!
This worked for me. Thank you so much…
Version: 20.0.6
in config.php:
“mail_smtpstreamoptions” => array(
‘ssl’ => array(
‘allow_self_signed’ => true,
‘verify_peer’ => false,
‘verify_peer_name’ => false
)
),
Is there a way to get more detailed errors? I already know I’m doing weird things, so I’m not sure exactly where its going wrong. I did the above, but when I try to connect to 127.0.0.1 I get the generic “Could not open secure TLS connection to the IMAP server.”
Im using socat to forward 127.0.0.1:1144 to remote host 192.168.136.138 which forwards that to a service listening on 127.0.0.1:1143 on that host (not my nextcloud instance). I can connect with telnet. Just trying to get more info. Enabling Debug logging didn’t give me any more info.
(Edit for clarity)
This still works for NC 26.0.1