问题描述
尝试通过控制台发送电子邮件时,我收到此错误:
When trying to deliver an email via console I receive this error:
OpenSSL::SSL::SSLError: hostname was not match with the server certificate
问题是我真的不太了解证书等,或者真的不知道如何开始解决这个问题,我试着用 openssl
做一些调查,这是返回的证书.
The thing is I really don't know much about certificates and such, or really how to get started troubleshooting this, I tried to do some investigation with openssl
and here is the certificate that is returned.
我不知道是不是服务器上运行的 Postfix 或我的 rails 应用程序有问题,非常感谢您提供任何帮助或线索.
I don't know if its a problem with Postfix which is running on the server, or my rails app, any help or clues is really appreciated.
~% openssl s_client -connect mail.myhostname.com:25 -starttls smtp
CONNECTED(00000003)
depth=0 /CN=myhostname
verify error:num=18:self signed certificate
verify return:1
depth=0 /CN=myhostname
verify return:1
---
Certificate chain
0 s:/CN=myhostname
i:/CN=myhostname
---
Server certificate
-----BEGIN CERTIFICATE-----
[...redacted...]
-----END CERTIFICATE-----
subject=/CN=myhostname
issuer=/CN=myhostname
---
No client certificate CA names sent
---
SSL handshake has read 1203 bytes and written 360 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 1AA4B8BFAAA85DA9ED4755194C50311670E57C35B8C51F9C2749936DA11918E4
Session-ID-ctx:
Master-Key: 9B432F1DE9F3580DCC6208C76F96631DC5A4BC517BDBADD5F514414DCF34AC526C30687B96C5C4742E9583555A118232
Key-Arg : None
Start Time: 1292985376
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
250 DSN
推荐答案
比公认的答案要好得多的解决方案(在安全性方面)是:
An infinitely better solution (in terms of security that is) than the accepted answer would be:
ActionMailer::Base.smtp_settings = {
:address => "mail.foo.com",
:port => 587,
:domain => "foo.com",
:user_name => "[email protected]",
:password => "foofoo",
:authentication => "plain",
:enable_starttls_auto => true,
:openssl_verify_mode => 'none'
}
这样您仍将使用加密,但证书验证将被禁用(并且您不会收到任何错误).
This way you'll still be using encryption, but the validation of the certificate would be disabled (and you won't be getting any errors).
这篇关于Rails 3:OpenSSL::SSL::SSLError:主机名与服务器证书不匹配的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!