starred/unifi-voucher-site

Fork 0

mirror of https://github.com/glenndehaan/unifi-voucher-site.git synced 2026-05-09 08:25:29 +02:00

[GH-ISSUE #44] SMTP Issue #24

New issue

Closed

opened 2026-05-07 00:17:46 +02:00 by BreizhHardware · 3 comments

BreizhHardware commented

2026-05-07 00:17:46 +02:00

Owner

Originally created by @g-guglielmi on GitHub (Oct 8, 2024).
Original GitHub issue: https://github.com/glenndehaan/unifi-voucher-site/issues/44

Originally assigned to: @glenndehaan on GitHub.

The problem

Even when specifying the "SMTP_SECURE: false" parameter in the configuration file, the connection to the local mail server using the private IP gives the error "[Mail] Hostname/IP does not match certificate's altnames: IP: 10.xxx.xxx.xxx is not in the cert's list:".

It would be nice to add a skip certificate check parameter. I found the following parameter online for the nodemailer connection:

tls: {
            // do not fail on invalid certs
            rejectUnauthorized: false
        },

What version of UniFi Voucher Site has the issue?

4.1.3

What was the last working version of UniFi Voucher Site?

No response

What type of installation are you running?

Docker

Anything in the logs that might be useful for us?

2024-10-08 07:40:11.056 ERROR [Mail] Error when sending mail
2024-10-08 07:40:11.056 ERROR Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: IP: 10.xxx.xxx.xxx is not in the cert's list: 
    at Object.checkServerIdentity (node:tls:337:12)
    at TLSSocket.onConnectSecure (node:_tls_wrap:1684:27)
    at TLSSocket.emit (node:events:519:28)
    at TLSSocket._finishInit (node:_tls_wrap:1085:8)
    at ssl.onhandshakedone (node:_tls_wrap:871:12) {
  code: 'ESOCKET',
  reason: "IP: 10.xxx.xxx.xxx is not in the cert's list: ",
  host: '10.xxx.xxx.xxx',

Additional information

Another strange behaviour.
To work around this issue, I created in docker a "hosts file entry", so that I was using the correct hostname and not the local IP.
But this also doesn't work. I get a "Connection Timeout error". The unifi network app on the same docker host with this configuration works perfectly.

2024-10-08 07:50:44.039 ERROR Error: Connection timeout
    at SMTPConnection._formatError (/app/node_modules/nodemailer/lib/smtp-connection/index.js:807:19)
    at SMTPConnection._onError (/app/node_modules/nodemailer/lib/smtp-connection/index.js:793:20)
    at Timeout.<anonymous> (/app/node_modules/nodemailer/lib/smtp-connection/index.js:237:22)
    at listOnTimeout (node:internal/timers:573:17)
    at process.processTimers (node:internal/timers:514:7) {
  code: 'ETIMEDOUT',
  command: 'CONN'
}

Originally created by @g-guglielmi on GitHub (Oct 8, 2024). Original GitHub issue: https://github.com/glenndehaan/unifi-voucher-site/issues/44 Originally assigned to: @glenndehaan on GitHub. ### The problem Even when specifying the "SMTP_SECURE: false" parameter in the configuration file, the connection to the local mail server using the private IP gives the error "[Mail] Hostname/IP does not match certificate's altnames: IP: 10.xxx.xxx.xxx is not in the cert's list:". It would be nice to add a skip certificate check parameter. I found the following parameter online for the nodemailer connection: ``` tls: { // do not fail on invalid certs rejectUnauthorized: false }, ``` ### What version of UniFi Voucher Site has the issue? 4.1.3 ### What was the last working version of UniFi Voucher Site? _No response_ ### What type of installation are you running? Docker ### Anything in the logs that might be useful for us? ```Text 2024-10-08 07:40:11.056 ERROR [Mail] Error when sending mail 2024-10-08 07:40:11.056 ERROR Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames: IP: 10.xxx.xxx.xxx is not in the cert's list: at Object.checkServerIdentity (node:tls:337:12) at TLSSocket.onConnectSecure (node:_tls_wrap:1684:27) at TLSSocket.emit (node:events:519:28) at TLSSocket._finishInit (node:_tls_wrap:1085:8) at ssl.onhandshakedone (node:_tls_wrap:871:12) { code: 'ESOCKET', reason: "IP: 10.xxx.xxx.xxx is not in the cert's list: ", host: '10.xxx.xxx.xxx', ``` ### Additional information Another strange behaviour. To work around this issue, I created in docker a "hosts file entry", so that I was using the correct hostname and not the local IP. But this also doesn't work. I get a "Connection Timeout error". The unifi network app on the same docker host with this configuration works perfectly. ``` 2024-10-08 07:50:44.039 ERROR Error: Connection timeout at SMTPConnection._formatError (/app/node_modules/nodemailer/lib/smtp-connection/index.js:807:19) at SMTPConnection._onError (/app/node_modules/nodemailer/lib/smtp-connection/index.js:793:20) at Timeout.<anonymous> (/app/node_modules/nodemailer/lib/smtp-connection/index.js:237:22) at listOnTimeout (node:internal/timers:573:17) at process.processTimers (node:internal/timers:514:7) { code: 'ETIMEDOUT', command: 'CONN' } ```

BreizhHardware

2026-05-07 00:17:46 +02:00

closed this issue
added the
bug
label

BreizhHardware commented

2026-05-07 00:17:47 +02:00

Author

Owner

@glenndehaan commented on GitHub (Oct 8, 2024):

Hi @ginlik1996,

I have just released version 4.1.4. This should fix 2 issues.

There was an instance where the 'SMTP_SECURE' variables was not read correctly and therefore could potentially set it to true even if it was set to false.
I have now disabled the TLS certificate checks as you also described since this could potentially affect other people in the future.

The other issue you describe with the hosts file is indeed another strange one. The problem here is that this is not an easy one for me to reproduce. Therefore I hope that these 2 patches will fix the issue without you requiring to hotfix the hosts file.

@glenndehaan commented on GitHub (Oct 8, 2024): Hi @ginlik1996, I have just released version 4.1.4. This should fix 2 issues. 1. There was an instance where the 'SMTP_SECURE' variables was not read correctly and therefore could potentially set it to true even if it was set to false. 2. I have now disabled the TLS certificate checks as you also described since this could potentially affect other people in the future. The other issue you describe with the hosts file is indeed another strange one. The problem here is that this is not an easy one for me to reproduce. Therefore I hope that these 2 patches will fix the issue without you requiring to hotfix the hosts file.

BreizhHardware commented

2026-05-07 00:17:48 +02:00

Author

Owner

@g-guglielmi commented on GitHub (Oct 8, 2024):

Thank you for the fast response!
I'll try it ASAP.

The strange thing with the host entry, is that if i open the console i can ping it and it gets resolved correctly.
But if the fix that you implemented works as expected i won't bother to use the host entry.

Thanks!

@g-guglielmi commented on GitHub (Oct 8, 2024): Thank you for the fast response! I'll try it ASAP. The strange thing with the host entry, is that if i open the console i can ping it and it gets resolved correctly. But if the fix that you implemented works as expected i won't bother to use the host entry. Thanks!

BreizhHardware commented

2026-05-07 00:17:49 +02:00

Author

Owner

@g-guglielmi commented on GitHub (Oct 8, 2024):

Tested the new release and now is working correctly using the "SMTP_SECURE" variable.
Thanks for the amazing work!

@g-guglielmi commented on GitHub (Oct 8, 2024): Tested the new release and now is working correctly using the "SMTP_SECURE" variable. Thanks for the amazing work!