Search code examples
phpauthenticationsslgmail

The way we authenticate users no longer works, gives authentication error

I have this PHP function:

public static function smtpmailer($to, $from, $from_name, $subject, $body) { 
    $mail = new PHPMailer();  // create a new object
    $mail->IsSMTP(); // enable SMTP
    $mail->SMTPDebug = 0;  // debugging: 1 = errors and messages, 2 = messages only
    $mail->SMTPAuth = true;  // authentication enabled
    $mail->SMTPSecure = 'ssl'; // secure transfer enabled REQUIRED for GMail
    $mail->Host = 'smtp.gmail.com';
    $mail->Port = 465; 
    $mail->Username = "[email protected]";  
    $mail->Password = "somepassword";           
    $mail->SetFrom($from, $from_name);
    $mail->Subject = $subject;
    $mail->Body = $body;
    if (is_string($to)) {
        $to = array($to);
    }
    foreach ($to as $t) {
        $mail->AddAddress($t);
    }
    if(!$mail->Send()) {
        $error = 'Mail error: '.$mail->ErrorInfo; 
        return false;
    } else {
        $error = 'Message sent!';
        return true;
    }
}

This was successfully used before, but now it gives me an error I do not understand:

string(1553) "Warning [2] stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Some authentication does not pass, but both the username and password is correct. This was used from URL1 successfully before and I copied this code to another site, having URL2. However, the error mentioned above occurred. When I tried this at URL1, to find out whether this is a settings problem in my gmail account used for email verification, I encountered the same error. My question is: what should I fix and how in order to be able to successfully send an authentication email in terms of settings of the gmail account and the code I've shown above?

EDIT

Differences between this question and the one marked as the on this being duplicate with:

  • this is a question involving PHP code, that question is about Pythonic problems
  • this question is very specific about gmail usage and the desire of comply to google smtp terms and policies
  • the other question is about file downloading, this one is about sending an email from a given gmail address
  • the other question is about a popup with certificates in the browser, things here happen on server-side
Solution

  • The steps for the solution were as follows:

    1. Make sure that the gmail account allows access from the app. You can do this by going to the settings of the account and Let Less Secure apps use your account,

    2. Make sure that PHPMailer corresponds to the PHP version in use

    3. We need the following settings:

    $mail->SMTPSecure = 'tls'; // secure transfer enabled REQUIRED for GMail $mail->Host = 'smtp.gmail.com'; $mail->Port = 587;

    1. Also, make sure we set the SMTPOptions:

      $mail->SMTPOptions = array(
'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true
    )
);