Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Self signed certificate #233

Open
cecilcosta opened this issue Mar 8, 2020 · 8 comments
Open

Self signed certificate #233

cecilcosta opened this issue Mar 8, 2020 · 8 comments

Comments

@cecilcosta
Copy link

Whenever I try to connect to Google's IMAP it fails due to a self-signed certificate

[DEBUG][2020-03-08T15:37:16.582Z][1][taitor46][imap.gmail.com] Connecting to imap.gmail.com : 993 [DEBUG][2020-03-08T15:37:16.587Z][1][taitor46][imap.gmail.com] Entering state: 1 (node:38836) UnhandledPromiseRejectionWarning: Error: Could not open socket: self signed certificate at TCPSocket.socket.onerror (/Users/tutorspace/Workspace/emailtest/node_modules/emailjs-imap-client/dist/imap.js:161:16) at TCPSocket._emit (/Users/tutorspace/Workspace/emailtest/node_modules/emailjs-tcp-socket/dist/node-socket.js:100:32) at TLSSocket.<anonymous> (/Users/tutorspace/Workspace/emailtest/node_modules/emailjs-tcp-socket/dist/node-socket.js:74:18) at TLSSocket.emit (events.js:311:20) at emitErrorNT (internal/streams/destroy.js:92:8) at emitErrorAndCloseNT (internal/streams/destroy.js:60:3) at processTicksAndRejections (internal/process/task_queues.js:84:21)

I had a similar issue when using imap-simple and it seems that we had to specify the host name.

tlsOptions: { servername: 'imap.gmail.com' }

Such option doesn't seem to exist here (at least I couldn't find it).
Can you please check it? Testing with a gmail account is very straight away.
@ctobtb
Copy link

ctobtb commented Mar 29, 2020

@cecilcosta Have you enable "Less Secured App Access" on the Gmail account you're testing your code?

@cecilcosta
Copy link
Author

@ctobtb YEs, it was enabled. Actually, it was working with imap, and simple imap adding the option tlsOptions: { servername: 'imap.gmail.com' }

@pavel-omelchuk
Copy link

@ctobtb If you need a fast and rough solution, that may help:
process.env.NODE_TLS_REJECT_UNAUTHORIZED='0';

@MarcoCatalan
Copy link
Contributor

@cecilcosta Take a look at this: nodejs/node#28167

@alanarentsen
Copy link

alanarentsen commented Jun 17, 2020
edited
Loading

It clearly has to do with how Node handles the opening of the Socket. I moved from Node12 to Node10 and I did not encounter this problem anymore. I know it is not a fix but maybe helpful.

@stellarhoof
Copy link

This has already been fixed in emailjs-tcp-socket's master: emailjs/emailjs-tcp-socket#75. All they need to do is cut a release and bump the dep here.

@mmozcelik
Copy link

Are there any recent fix or production level workaround for this issue (NODE_TLS_REJECT_UNAUTHORIZED env variable seems like not a good practice at production)?

@stellarhoof suggested a PR to provide tlsOptions with servername parameter. And seems like it would work.

@ejnshtein
Copy link

Here I go with the same issue...
I believe that that's highly unlikely that emailjs-tcp-socket package will be released with a fix, so I guess we will need to use patching 🤔

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@mmozcelik @stellarhoof @cecilcosta @MarcoCatalan @ejnshtein @alanarentsen @pavel-omelchuk @ctobtb