Since version 5.6+ PHP is verifying peer certificates and host names by default when using SSL/TLS. This is causing problems on some servers / websites, where the config has not been setup correctly. If you can not fix the setup yourself, make sure to talk to your server host to fix that issue.

For PHPMailer (Github) there is a workaround:

$mail->SMTPOptions = array(
    'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true
    )
);

$mail->SMTPOptions = array(

'ssl' => array(

'verify_peer' => false,

'verify_peer_name' => false,

'allow_self_signed' => true

)

);

This should only be a workaround until your configuration has been fixed. You are suppressing certificate verification and compromising your security!

As WordPress is using PHPMailer as its main email library, this can be tweaked by using the phpmailer_init hook:

add_action( 'phpmailer_init', 'configure_smtp'  );

function configure_smtp( $phpmailer ){
 $phpmailer->SMTPOptions = array(
    'ssl' => array(
        'verify_peer' => false,
        'verify_peer_name' => false,
        'allow_self_signed' => true
    )
 );
}

add_action( 'phpmailer_init', 'configure_smtp' );

function configure_smtp( $phpmailer ){

$phpmailer->SMTPOptions = array(

'ssl' => array(

'verify_peer' => false,

'verify_peer_name' => false,

'allow_self_signed' => true

)

);

}

Add this to your themes functions.php.

BASIC PHPMAILER SETUP

$phpmailer = new PHPMailer();
$phpmailer->isSMTP();
$phpmailer->CharSet = 'UTF-8';
$phpmailer->SMTPSecure = "ssl"; // or tls
$phpmailer->SMTPAuth = true; 
$phpmailer->Username = _APP_EMAIL_FROM;
$phpmailer->Password = _APP_EMAIL_PASS;
$phpmailer->XMailer =' ';
$phpmailer->Host= "correct email host";

$phpmailer = new PHPMailer();

$phpmailer->isSMTP();

$phpmailer->CharSet = 'UTF-8';

$phpmailer->SMTPSecure = "ssl"; // or tls

$phpmailer->SMTPAuth = true;

$phpmailer->Username = _APP_EMAIL_FROM;

$phpmailer->Password = _APP_EMAIL_PASS;

$phpmailer->XMailer =' ';

$phpmailer->Host= "correct email host";

And here is how phpmailer->smtpOptions should be used, on a properly configured server:

phpmailer->smtpOptions = array(
'ssl' => array(
          'peer_name'		  => 'your.domain.com',
          'verify_peer_name'    => true,
          'capath' 		     => '/path/to/authority/certificates/directory' # Usually /etc/ssl/certs or /usr/lib/ssl/certs/
          'local_cert' 		  => '/path/to/your.domain.com.crt', # Should be a combined cert & key in pem format
          'verify_peer'            => true,
    )
);

phpmailer->smtpOptions = array(

'ssl' => array(

'peer_name' => 'your.domain.com',

'verify_peer_name' => true,

'capath' => '/path/to/authority/certificates/directory' # Usually /etc/ssl/certs or /usr/lib/ssl/certs/

'local_cert' => '/path/to/your.domain.com.crt', # Should be a combined cert & key in pem format

'verify_peer' => true,

)

);

SSL changes in PHP 5.6: http://php.net/manual/en/migration56.openssl.php
SSL context options in PHP: http://php.net/manual/en/context.ssl.php

Enjoy coding…

4 Comments

Oldest

Newest Most Voted

Inline Feedbacks

View all comments

Michael Rimbach

6 years ago

You code is not correct, one “->” is to mutch :)
$phpmailer->->SMTPOptions should be $phpmailer->SMTPOptions

Author

Alex

Reply to Michael Rimbach

Thanks Michael, has been fixed.
Regards
Alex

Itamar Megged

thanks a lot, finally a good and full explanation for WP!

Reply to Itamar Megged

Glad i could help :)

PHP 5.6 + phpMailer + WordPress + Connection Errors

BASIC PHPMAILER SETUP

Alexander