-1

It seems that we need to configure the mailer to use self-signed certificates in a Symfony 1.4 project and no idea where to look at

Configuration right now:

mailer:
    class: sfMailer
    param:
      delivery_strategy:  realtime
      delivery_address:   user@mail.com
      transport:
        class: Swift_SmtpTransport
        param:
          host:       x.x.x.x
          port:       25
          encryption: ~
          username:   user@mail.com
          password:   pass

I was looking at this question: PHP - Swiftmailer using STARTTLS and self signed certificates

But all examples are with Laravel and it seems very new so I'm not sure if Symfony 1.4 has all these features included.

I also looked at the mailer configuration but I didn't find anything of help there.

Any help on how to configure this without touching anything from vendor folder?

EDIT:

So this is the new configuration:

mailer:
    class: sfMailer
    param:
      delivery_strategy:  realtime
      delivery_address:   user@mail.com
      transport:
        class: Swift_SmtpTransport
        param:
          host:       x.x.x.x
          port:       25
          encryption: ~
          username:   user@mail.com
          password:   pass
          streamOptions:
            ssl:
                allow_self_signed: true
                verify_peer: false
                local_cert: "/etc/ssl/certificate.cer"
                local_pk: "/etc/ssl/certificate.key"
Sephy
  • 159
  • 1
  • 2
  • 15

1 Answers1

-1

Yes, you should be able to add these stream options options to the param section of the transport. If I read the class sfMailer right, it should look something like this:

transport:
    class: Swift_SmtpTransport
    param:
        host:       x.x.x.x
        port:       25
        encryption: ~
        username:   user@mail.com
        password:   pass
        streamOptions:
            ssl:
                 allow_self_signed: true
                 verify_peer: false
dbrumann
  • 16,803
  • 2
  • 42
  • 58
  • If this does not work, please let us know which version of Swiftmailer you use, just in case these options or the method were handled differently in older versions. – dbrumann Feb 20 '19 at 14:46
  • No problem, but how does it verify the certificate? Do I have to place it in a specific place? – Sephy Feb 21 '19 at 09:43
  • 1
    The above options do not verify the certificate, but you can modify the behavior with the additional options for the ssl context under `streamOptions.ssl`. If you want to verify the certificate you probably have to set the `capath` & `local_cert` at the very least. You can find an overview of the available options here: https://secure.php.net/manual/en/context.ssl.php – dbrumann Feb 21 '19 at 12:51
  • Ok, I did this...but not really sure if this should work, see OP please – Sephy Feb 21 '19 at 13:42
  • 1
    Could you please also add any errors and log messages you get with the new configuration? From the docs I would exepct your `local_cert` to be a `*.pem` file, maybe that is causing the issue? – dbrumann Feb 21 '19 at 13:47
  • Changed to .pem and I got this error: "Expected response code 250 but got code "530", with message "530 5.7.0 Must issue a STARTTLS command first\r\n". Maybe I need to use in the config some other configuration? I tried with ssl and 587 (this causes a timed out) and with TLS and port 587 and got the same error. Any idea? – Sephy Feb 26 '19 at 09:54
  • When using encryption: starttls and port: 25 I got this error:"[Unable to find the socket transport "starttls" - did you forget to enable it when you configured PHP? ". Checked my phpinfo and openssl is enabled. – Sephy Feb 26 '19 at 11:02
  • 1
    Sorry, I I don't have enough experience with this to help. Maybe it would make sense to open a new question describing your new error messages to draw people's attention to your problem? – dbrumann Feb 26 '19 at 12:44
  • 1
    Thank you. I just realized that the email server support could have not opened the 465 and 587 ports so I contacted with them. If that wouldn't provide me any clues I would do what you suggest. – Sephy Feb 26 '19 at 12:49