[英]Connect to smtp server with client certificate (without password) from php script and send email
I need to implement a script to send emails on behalf of an existing email server. 我需要实现一个脚本来代表现有电子邮件服务器发送电子邮件。 The emails server supports only one way of authentication which is "Client Certificate Authentication". 电子邮件服务器仅支持一种身份验证方式,即“客户端证书身份验证”。 I only have an email address and a certificate to authenticate through my php script (no password), and send emails. 我只有一个电子邮件地址和一个证书,可以通过我的php脚本进行身份验证(没有密码),并发送电子邮件。 and that is the only thing I know about the server :(. 那是我对服务器:(。
I have not much idea about client certificate authentication, have searched over already but could not find any useful documents for the particular case. 我对客户端证书身份验证没有太多了解,已经进行了搜索,但是找不到针对特定情况的任何有用的文档。
Can some buddy pleas point me to the right direction ? 可以通过一些好友请求将我指向正确的方向吗?
Good question. 好问题。 This is a bit of a guess, but I would expect that you need to disable normal auth and provide the client cert via the stream context options passed to the TLS connection. 这只是一个猜测,但是我希望您需要禁用普通身份验证,并通过传递给TLS连接的流上下文选项提供客户端证书。
I suggest these changes over a regular PHPMailer SMTP+STARTTLS connection: 我建议通过常规的PHPMailer SMTP + STARTTLS连接进行以下更改:
$mail->SMTPSecure = 'tls';
$mail->Port = 587;
$mail->SMTPAuth = false;
$mail->SMTPOptions = [
'ssl' => [
'verify_peer' => true,
'local_cert' => '/path/to/client_cert_and_key.pem'
]
];
The local cert file should contain both the client private key and certificate in PEM format. 本地证书文件应同时包含客户端私钥和PEM格式的证书。
Look at this example for more complete code that uses SSL stream context options. 在此示例中查看使用SSL流上下文选项的更完整的代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.