Email Hostname Certificate Mismatch Causing sidekiq Queue Overload, Severe Site Instability

This might help finding the correct one:

dig +short smtp.mydomain.info|xargs -n 1 nslookup|grep name=

3 Likes

Unfortunately it doesn’t work, the error is the same:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)

With version 2.9.0.beta4 (0acbd63320) was working, can I downgrade?

I created a new temporary email account with start tls support, I hope it will be fixed before the 2.9.0.beta5 release.

1 Like

I followed the advice above and set the hostname to the name on the certificate.

It’s worth noting that, in this case, the problem only seems to have occurred after a laucher-initiated rebuild, rather than merely on an upgrade. Perhaps a problem with the launcher scripts?

2 Likes

Can you please tell me how did you do it?
I’m going crazy, I can’t use SMTP server with port 25 or 587 without SSL and TLS

Thanks

1 Like

I may not be able to help you then, since my configuration doesn’t require TLS. I think the only thing to do is either use a third-party email provider that provides valid certs, or wait for a fix that allows bypassing this issue.

1 Like

Did you try Richard’s dig command to find a hostname for your SMTP server for which it has a certificate?

1 Like

Mine is also without TLS and SSL :slight_smile:

1 Like

Similar issue here Can't Send Emails - #14 by sukria.
Did something change in the base image or in an external library or gem?

6 Likes

Yes that’s right, it’s the same problem … it started about two weeks ago.

1 Like

Can you try both

DISCOURSE_SMTP_ENABLE_START_TLS: false 
DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none

?

2 Likes

Are the first things I tried but still the same error

SSL_connect returned=1 errno=0 state=error: certificate verify failed (Hostname mismatch)
1 Like

Hey, I tried it with both the options. It still doesn’t work:

  DISCOURSE_SMTP_ADDRESS: REDACTED
  DISCOURSE_SMTP_PORT: 25
  DISCOURSE_SMTP_USER_NAME: REDACTED
  DISCOURSE_SMTP_PASSWORD: REDACTED
  DISCOURSE_SMTP_ENABLE_START_TLS: false           # (optional, default true)
  DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
  DISCOURSE_SMTP_AUTHENTICATION: "login"

I still get certificate verify failed (self signed certificate).

2 Likes

For me it has been a blocking bug for a long time …
I recommend you to create a new temporary email address that has SMTP TLS support.

Could this be related to this gem

4 Likes