I am using Pony mail to send email messages (because I could never get ActionMailer to work on my local Windows box).
The code in my user_mailer.rb file include this call to the Pony.mail method:
Pony.mail({
:to => email_address,
:from => 'MyChairSales <[email protected]>',
:subject => subject,
:body => email_body,
:html_body => html_body,
:via => :smtp,
:via_options => {
:address => 'mail.mychairsales.com',
:port => '25',
:enable_starttls_auto => true,
:user_name => 'mychairs',
:password => 'thepassword',
:domain => "mychairsales.com" # the HELO domain provided by the client to the server
}
})
This was working (I have received email using this method) but is now failing with the error "hostname does not match the server certificate".
Here is the top of the stack trace:
["/usr/lib64/ruby/1.9.3/openssl/ssl-internal.rb:121:in `post_connection_check'",
"/usr/lib64/ruby/1.9.3/net/smtp.rb:585:in `tlsconnect'", "/usr/lib64/ruby/1.9.3
/net/smtp.rb:560:in `do_start'", "/usr/lib64/ruby/1.9.3/net/smtp.rb:519:in `start'",
"/home4/mychairs/ruby/gems/gems/mail-2.4.4/lib/mail/network/delivery_methods
/smtp.rb:144:in `deliver!'", "/home4/mychairs/ruby/gems/gems/mail-2.4.4/lib
/mail/message.rb:245:in `deliver!'", "/home4/mychairs/ruby/gems/gems/pony-1.4/lib
/pony.rb:166:in `deliver'", "/home4/mychairs/ruby/gems/gems/pony-1.4/lib
/pony.rb:138:in `mail'", "/home4/mychairs/rails_apps/chairsales/app/mailers
/user_mailer.rb:32:in `send_mail'", "/home4/mychairs/rails_apps/chairsales/app/mailers
/user_mailer.rb:23:in `send_password_reset_email'",...
Any guidance would be greatly appreciated!
This problem can be fixed by simply removing the erroneous certificate from the server and replacing it with the correct certificate file.
A common name mismatch error occurs when the common name or SAN of your SSL/TLS Certificate does not match the domain or address bar in the browser. This can happen simply by visiting https://example.com instead of https://www.example.com if the certificate does not have them both listed in the SAN of the certificate.
If you purchased a dedicated IP address and an SSL certificate was installed immediately afterward, the domain can still be associated with the previous IP address. To solve the problem, just wait a while. As soon as the DNS records are updated, the error will disappear.
The certificate is valid only if the request hostname matches the certificate common name. Most web browsers display a warning message when connecting to an address that does not match the common name in the certificate.
A bit late but I also encountered this error but with the Ruby Mail gem. If your SMTP server supports TLS, it will attempt to use TLS and authenticate the SSL certificate. If the certificate is issued for a hostname other than the one used or if the certificate cannot be authenticated (for example if it's self-signed and you don't trust the CA), then it will fail with the error "hostname does not match the server certificate".
To get around it, use the :openssl_verify_mode option. This can be set to OpenSSL::SSL::VERIFY_NONE to do no verification of the certificate - it will still encrypt the SMTP session though. Or there are other options available within the OpenSSL library.
Using your example, it would be:
Pony.mail({
:to => email_address,
:from => 'MyChairSales <[email protected]>',
:subject => subject,
:body => email_body,
:html_body => html_body,
:via => :smtp,
:via_options => {
:openssl_verify_mode => OpenSSL::SSL::VERIFY_NONE,
:address => 'mail.mychairsales.com',
:port => '25',
:enable_starttls_auto => true,
:user_name => 'mychairs',
:password => 'thepassword',
:domain => "mychairsales.com" # the HELO domain provided by the client to the server
}
})
This also works for the Mail gem as well.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With