• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Question Domain has no access to CA Certification files (PHP)

MarkusN78

New Pleskian
Server operating system version
Plesk Obsidian v18.0.54_build1800230824.08 os_Ubuntu 20.04
Plesk version and microupdate number
Ubuntu 20.04.6 LTS
Hi,
i have a vserver setup on strato with 4 domains.
For one domain i have a working ssl certificate, and my website access over https is working.
When i try to send an email via phpmailer and a little script from that domain,
i got the following error:
Code:
PHP: SSL loaded 2023-09-05 10:12:53 Connection: opening to ssl://solarwind-shop.de:465, timeout=300, options=array()
2023-09-05 10:12:53 Connection failed. Error #2: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [/var/www/vhosts/solarwind-shop.de/httpdocs/includes/vendor/phpmailer/phpmailer/src/SMTP.php line 397
i checked my php.ini and i found that the values for openssl.cafile is empty and i think this is causing that problem...
how do i change that value?
i am using php 8.1.22 as FPM
 
When you use port 465, SSL is required. Instead, you can use port 25 (without SSL). Submitting mail by a script on your localhost is no security issue if that is not encrypted, because an attacker who is capable of intercepting that mail would also be capable of directly manipulating scripts to read it much more easily.
 
Hi Peter,
yes you are right, but this is only a testscript. My big problem is that i have a shop-system on this domain, and there i got the same error. And from that shop-system, there will be outgoing email to the customers regarding their payment...
Hopefully i am thinking right, then these emails should be securely send
 
The question is only about mail submission from one script on the server to another script on the same server. It is not about connecting to another server and transmitting data over the Internet. If your mail server actually uses encryption when transmitting mail to another mail server is not affected by your choice of the submission port.
 
Back
Top