hostname does not match the server certificate - cannot send email

Question

I am using Pony mail to send email messages (because I could never get ActionMailer to work on my local Windows box).

The code in my user_mailer.rb file include this call to the Pony.mail method:

Pony.mail({
  :to => email_address, 
  :from => 'MyChairSales <support@mychairsales.com>', 
  :subject => subject, 
  :body => email_body, 
  :html_body => html_body,
  :via => :smtp,
  :via_options => {
    :address              => 'mail.mychairsales.com',
    :port                 => '25',
    :enable_starttls_auto => true,
    :user_name            => 'mychairs',
    :password             => 'thepassword',
    :domain               => "mychairsales.com" # the HELO domain provided by the client to the server
  } 
 })

This was working (I have received email using this method) but is now failing with the error "hostname does not match the server certificate".

Here is the top of the stack trace:

["/usr/lib64/ruby/1.9.3/openssl/ssl-internal.rb:121:in `post_connection_check'",
"/usr/lib64/ruby/1.9.3/net/smtp.rb:585:in `tlsconnect'", "/usr/lib64/ruby/1.9.3
/net/smtp.rb:560:in `do_start'", "/usr/lib64/ruby/1.9.3/net/smtp.rb:519:in `start'", 
"/home4/mychairs/ruby/gems/gems/mail-2.4.4/lib/mail/network/delivery_methods
/smtp.rb:144:in `deliver!'", "/home4/mychairs/ruby/gems/gems/mail-2.4.4/lib
/mail/message.rb:245:in `deliver!'", "/home4/mychairs/ruby/gems/gems/pony-1.4/lib
/pony.rb:166:in `deliver'", "/home4/mychairs/ruby/gems/gems/pony-1.4/lib
/pony.rb:138:in `mail'", "/home4/mychairs/rails_apps/chairsales/app/mailers
/user_mailer.rb:32:in `send_mail'", "/home4/mychairs/rails_apps/chairsales/app/mailers
/user_mailer.rb:23:in `send_password_reset_email'",...

Any guidance would be greatly appreciated!

Answer 1

A bit late but I also encountered this error but with the Ruby Mail gem. If your SMTP server supports TLS, it will attempt to use TLS and authenticate the SSL certificate. If the certificate is issued for a hostname other than the one used or if the certificate cannot be authenticated (for example if it's self-signed and you don't trust the CA), then it will fail with the error "hostname does not match the server certificate".

To get around it, use the :openssl_verify_mode option. This can be set to OpenSSL::SSL::VERIFY_NONE to do no verification of the certificate - it will still encrypt the SMTP session though. Or there are other options available within the OpenSSL library.

Using your example, it would be:

Pony.mail({
  :to => email_address, 
  :from => 'MyChairSales <support@mychairsales.com>', 
  :subject => subject, 
  :body => email_body, 
  :html_body => html_body,
  :via => :smtp,
  :via_options => {
    :openssl_verify_mode => OpenSSL::SSL::VERIFY_NONE, 
    :address              => 'mail.mychairsales.com',
    :port                 => '25',
    :enable_starttls_auto => true,
    :user_name            => 'mychairs',
    :password             => 'thepassword',
    :domain               => "mychairsales.com" # the HELO domain provided by the client to the server
  } 
 })

This also works for the Mail gem as well.