如果开了调试,调试进去会看到错误提示:
- smtp_code:"stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed"
最终提示是:Could not connect to SMTP host
原因是升到php5.6后默认开启验证
添加参数,去掉验证:
- $mail->SMTPOptions = array(
- 'ssl' => array(
- 'verify_peer' => false,
- 'verify_peer_name' => false,
- 'allow_self_signed' => true,
- )
- )
参考文档:
http://php.net/manual/en/context.ssl.php
去掉验证:
I am unable to load a PEM that was generated with the stunnel tools. However, I am able to use PHP calls to generate a working PEM that is recognized both by stunnel and php, as outlined here:
http://www.devdungeon.com/content/how-use-ssl-sockets-php
This code fragment is now working for me, and with stunnel verify=4, both sides confirm the fingerprint. Oddly, if "tls://" is set below, then TLSv1 is forced, but using "ssl://" allows TLSv1.2:
$stream_context = stream_context_create([ 'ssl' => [
'local_cert' => '/path/to/key.pem',
'peer_fingerprint' => openssl_x509_fingerprint(file_get_contents('/path/to/key.crt')),
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true,
'verify_depth' => 0 ]]);
$fp = stream_socket_client('ssl://ssl.server.com:12345',
$errno, $errstr, 30, STREAM_CLIENT_CONNECT, $stream_context);
fwrite($fp, "foo bar\n");
while($line = fgets($fp, 8192)) echo $line;
http://php.net/manual/en/context.ssl.php
