=================================== solution to certificate verification failed for smtp.gmail.com
via update Equifax Secure Certificate Authority
==================================== Error: in /var/log/mail.log May 28 12:39:10 services@iesensor.com postfix/smtp[10839]: Untrusted TLS connection established to smtp.gmail.com
[209.85.143.109]:587: TLSv1 with cipher RC4-SHA (128/128 bits) certificate verification failed for smtp.gmail.com[209.85.143.109]:587: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority -------------------- No matter you Setup the Gmail certification using the any turial,
just look up smtpd_tls_CAfile= in main.cf # there is no dash/undersocre between `CA` and `file` for : `CAfile` smtpd_tls_CAfile = /etc/postfix/cacert.pem https://www.geotrust.com/resources/root-certificates/index.html #Download the first Root CA 1; and use the DER version openssl x509 -inform der -in Equifax_Secure_Certificate_Authority_DER.cer
-out Equifax_Secure_Certificate_Authority.pem
#also yo can test the certificate by typing at the command promt
openssl verify Equifax_Secure_Certificate_Authority.pem
#append this file content pem to the end of your file: cacert.pem
sudo postfix reload
test with your mail/script
for example:
===================================================
#!/usr/bin/python
import smtplib
sender = 'services@iesensor.com'
receivers = ['services@iesensor.com']
message = """From: From Person <services@iesensor.com>
To: To Person <services@iesensor.com>
Subject: SMTP e-mail test from services@iesensor.com
This is a test e-mail message from services@iesensor.com.
"""
try:
smtpObj = smtplib.SMTP('localhost')
smtpObj.sendmail(sender, receivers, message)
print "Successfully sent email"
except SMTPException:
print "Error: unable to send email"
==============================================