SMTP allow self signed not working (anymore?)

Nextcloud version (eg, 20.0.5): 23.0.3
Operating system and version (eg, Ubuntu 20.04): Debian 11
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.??
PHP version (eg, 7.4): 8.0.18

The issue you are facing:

I am trying to set up smtp on my new NC 23 installation (official docker-compose file). For reasons that would take too long to explain here, my mail server does have a LE certificate but it needs to be contacted via a local IP. So for this purpose, in a previous installation (NC 22) I had to add

‘mail_smtpstreamoptions’ =>
array (
‘ssl’ =>
array (
‘allow_self_signed’ => ‘true’,
‘verify_peer’ => ‘false’,
‘verify_peer_name’ => ‘false’,
),
),

to config.php and this worked.

With NC 23 I can’t get this to work anymore. (Not sure, if this has to do with the new version or whether it is coincidence but I can’t think of anything else that would be different…)

When I try to send the test mail, I get this error:

A problem occurred while sending the email. Please revise your settings. (Error: Unable to connect with TLS encryption)

And in the NC logs, I find:

Error: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed at /var/www/html/3rdparty/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php#94

So there is still a problem with verifying the mail server’s certificate (which should be mitigated by the code mentioned above.

With respect to the code: this gets eliminated from the config.php once I change the settings on the Basic Settings page - I believe this behavior is new, too. So I first set everything on the Basic Settings and then add the code in the config.php file manually and then click on “Send Email” - but it still does not work…

I am running out of ideas…

Is this the first time you’ve seen this error? (Y/N): Well, yes and no - see above.

Steps to replicate it:

  1. Spin up a new instance of NC23 via docker-compose
  2. Enter smtp credentials via web interface
  3. Send test email to mail server via local IP
  4. Get error
  5. Add extra settings to config.php to keep NC from verifying mail server’s certificate
  6. Send test mail again
  7. Again get error

The output of your Nextcloud log in Admin > Logging:

See above

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

relevant part see above

The output of your Apache/nginx/system log in /var/log/____:

Nothing!?!

Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

See above

Has anyone else experienced this behaviour (and found a solution)?

Explaining is the point of this forum my friend. Please do so with exact technical details. We are volunteers and want to guess as little as possible. Thank you!

If you are confused, recount the exact steps you’ve taken and consult those against documentation. You can also search your errors against this forum and search engines. It is very likely the question is already answered.

https://help.nextcloud.com/search?q=Error%3A%20stream_socket_enable_crypto()%3A%20SSL%20operation%20failed%20with%20code%201.

You can also check back over the required support template and see if you can edit the missing logs into your post. You’ll need to enter your docker exec -it /bin/bash into your docker container before you’ll see the logs in /var/www and such.

This will give us the technical info and logs needed to better help you! Thanks.