MyBB Community Forums

Full Version: Failed to start TLS encryption after moving to new server
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
A few days ago I moved my site from one VPS to another and now after that no emails are being sent by mybb and error I am getting in "System Mail Log" is "Failed to start TLS encryption".

I am using 3rd party email service to send emails and all SPF, DKIM etc. settings are the same and working in my email service so I wonder what happened!?

May be I failed to enable some service on new server!? Previous one was Debian 8 while this one is Debian 9.

I used sample PHP mail sending script from this thread and here are the detailed error messages I am getting for each TLS and SSL.

https://community.mybb.com/thread-209319...68737.html

When I use TLS to send email
Error: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086ConfusedSL routines:tls_process_server_certificate:certificate verify failed

When I use SSL to send email
Error: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086ConfusedSL routines:tls_process_server_certificate:certificate verify failedError: fsockopen(): Failed to enable cryptoError: fsockopen(): unable to connect to ssl://smtp.zoho.com:465 (Unknown error)Error: stream_set_timeout() expects parameter 1 to be resource, boolean given

How do I fix this issue?
Sounds like you server doesn't have the CA certificate for the certficiate your mail server is using. Is this a VPS or shared hosting? If it's shared, you should contact your host and ask them to install an updated CA certificate bundle - give them the error message you provided here too.
(01-07-2018, 07:47 PM)Euan T Wrote: [ -> ]Sounds like you server doesn't have the CA certificate for the certficiate your mail server is using. Is this a VPS or shared hosting? If it's shared, you should contact your host and ask them to install an updated CA certificate bundle - give them the error message you provided here too.

It's a VPS. I have had problems with certificates before on this VPS so you may be right about this. Since the VPS is unmanaged, how can I solve it myself?
It can be done by various methods but i'll suggest you to use the package repositories like yum install ca-certificates or perhaps yum update ca-certificates. or if you are using an older version of linux i will suggest you to update it to latest one.
(01-08-2018, 04:41 AM)Dark-Power-Invader Wrote: [ -> ]It can be done by various methods but i'll suggest you to use the package repositories like yum install ca-certificates or perhaps yum update ca-certificates. or if you are using an older version of linux i will suggest you to update it to latest one.

apt-get install ca-certificates fixed the issue. Thanks.