Bits of code, php and self signed cert on Moodle

And a hack, if you happen to have a Moodle 2.6.x with phpmailer old library and you had php5.6.x you may find if you use ssl/tls to send mail that now php is strictier with self signed certificates, well there are good documentation on php.net about [1] and [2] but not really a clue on what you need to do exactly, for that serverfault offered a better answer [3], not to mention that toke me like 2 hours of reading logs, my own doc on changes, receive a call from my co admin at work for Moodle as he received a lot of mail asking why things where broken, mostly lost|forgotten passwords. At last thinking on the way Moodle uses mail got with the right file, now search how to implement after tried to modify directly, got more time to read and found where it connects finally, so there also exists $options variable to add well options, so I did.

$git diff class.phpmailer.php
diff --git a/lib/phpmailer/class.phpmailer.php b/lib/phpmailer/class.phpmailer.php
index fe37a93..414d2e8 100644
--- a/lib/phpmailer/class.phpmailer.php
+++ b/lib/phpmailer/class.phpmailer.php
@@ -1222,7 +1222,12 @@ class PHPMailer
* @throws phpmailerException
* @return bool
*/
- public function smtpConnect($options = array())
+ public function smtpConnect($options = array(
+ 'ssl'=>array(
+ 'verify_peer' => false,
+ 'verify_peer_name' => false,
+ 'allow_self_signed' => true)
+ ))
{
if (is_null($this->smtp)) {
$this->smtp = $this->getSMTPInstance();

And voila, we are live again, if you wonder why we need to send mail via tls from another host, well is a long history, but made short Azure not providing reverse resolution from their web panel [4] or from their powershell implementation on Linux also our contact in .mx where unable to provide, info|fix|doc|options to get our mail not marked as bulk from no other that outlook.com go figure.

Had to admit that I was planning to begin the weekend very different doing something really different :/ but as this early morning update our production server with the well tested config on our dev machine… that don’t need to send mail :P at least wasn’t tomorrow, that a large course with self enrolment begins, that will have been overkill and not nice.

Update 26/8/2016: We have migrated to Moodle 3.1, is not their problem it’s PHP no longer accepting self signed certs, new diff, same file:

diff --git a/lib/phpmailer/class.phpmailer.php b/lib/phpmailer/class.phpmailer.php
index e4dd00b..5db0de9 100644
--- a/lib/phpmailer/class.phpmailer.php
+++ b/lib/phpmailer/class.phpmailer.php
@@ -269,7 +269,12 @@ class PHPMailer
* Options array passed to stream_context_create when connecting via SMTP.
* @var array
*/
- public $SMTPOptions = array();
+ public $SMTPOptions = array(
+ 'ssl'=>array(
+ 'verify_peer' => false,
+ 'verify_peer_name' => false,
+ 'allow_self_signed' => true)
+ );

/**
* SMTP username.

It’s needed to get working again.
[1] http://php.net/manual/en/migration56.openssl.php
[2] http://php.net/manual/en/context.ssl.php
[3] http://serverfault.com/questions/660241/postfix-tls-error
[4] https://azure.microsoft.com/en-us/blog/announcing-reverse-dns-for-azure-cloud-services/

Esta entrada fue publicada en edusol, General, planetalinux, sysadmin, Trabajo, Web y etiquetada , , , , , , , , . Guarda el enlace permanente.

1 respuesta a Bits of code, php and self signed cert on Moodle

  1. Pingback: PHP y certificados firmados por uno mismo el caso de Moodle | El Cuchitril

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.