I am getting below error while sending mail through amazon SES - codeigniter

I am getting below error message
A PHP Error was encountered
Severity: Warning
Message: fsockopen(): Peer certificate CN=`15-206-188-47.cprapid.com' did not match expected CN=`email-smtp.ap-south-1.amazonaws.com'
Filename: libraries/Email.php
Line Number: 2070
Backtrace:
Double-check that you are using the correct SMTP endpoint for the Amazon SES region where your account is located. If you are not sure, you can find the correct endpoint in the Amazon SES documentation.
it's correct
Ensure that the server you are connecting to is actually an Amazon SES server. It's possible that you are accidentally connecting to a different server that is presenting a mismatched certificate.
it's actually correcting to amazone ses server
Check that your local DNS is resolving the correct IP address for the Amazon SES SMTP endpoint. You can try using the nslookup or dig command to check the IP address.
how can i check this ?
If none of the above steps work, it's possible that there is an issue with the SSL certificate on the server side. In this case, you may need to contact Amazon SES support to report the issue and get further assistance. They can help you determine if the certificate presented by the server is valid and properly configured.
what should i do here ?
I found above solution for issue and can any one help me to resolved this.

Related

Unable to connect to remote HTTPS API's without DNS - Istio

I have a Service which is running in Istio 1.16 with envoy sidecar injection enabled.
The service connect with a remote API every now and then to send the health information.
The remote end point is https but without having a domain name, yeah the endpoint have to be invoked like https://168.x.x.x/http/health. I could see the connection is working fine with another API but with a proper hostname.
So the issue is clearly with the DNS resolution, I am not great with networking. So, you folks should help me out.
This is the error i get from the server (of service).
x509: cannot validate certificate for because it doesn't contain any IP SANs
Istio version - 1.16
Kubernetes - 1.24
golang (service) - 1.19
Can we bypass this x509 SAN check using destination Rules?
The error "x509: certificate has expired or is not yet valid" usually occurs when the SSL certificate being used has expired or has not yet been activated. This error can also occur when the certificate being used is not valid for the domain or IP address that the request is being sent to.
To resolve this issue, you will need to either obtain a new valid SSL certificate or renew the existing certificate.
You can check your certificate expiration date by using the below command:
kubeadm certs check-expiration
Refer to this SO for more detailed steps.

'503 Failed authentication on backend server: Unauthorized' when logging on to OWA

When logging on to OWA using a browser, receive a 503 error. In the Fiddler trace will see a more detailed response status code:
503 Failed authentication on backend server: Unauthorized
On the Exchange Server, see the following System event log (intermittently):
Event 4 Security-Kerberos
The Kerberos client received a KRB_APP_ERR_MODIFIED error from the server exchangeserver$.
The target name used was HTTP/exchangeserver.ad.root.
This indicates that the target server failed to decrypt the ticket provided by the client.
I hope someone only receives this in a lab environment!
Here is a link to enable Kerberos logging, which could be helpful as well: https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/enable-kerberos-event-logging
After enabling Kerberos logging, would see the KRB_APP_ERR_MODIFIED error more frequently, whereas before would not be logged each time a logon attempt occurred.
The issue here (in the lab) was that a duplicate SPN for the Exchange Server in question was added erroneously to another server, causing a duplicate. This was due to trying to enable Kerberos delegation for a separate web application.
Although there could be a quicker way to do this, you can list the SPNs on each server to look for your erroneous exchangeserver record by running
setspn -l otherservername (this is a lower-case L)
And if you find that SPNs like http/exchangeserver or http/exchangeserver.ad.root are listed on another server (say 'otherservername'), you can carefully remove them by running
setspn -D http/exchangeserver otherservername
setspn -D http/exchangeserver.ad.root otherservername
I was able to logon to OWA immediately after the duplicate SPN was removed, without restarting any servers or services.
Check, if the bindings for Exchange Backend website in IIS is correctly configured. You can check this by visiting IIS console in the server and open bindings for Backend website for 443 port. See, if the certificate is assigned well
Also, check, if the Default website's binding is correct. It should have thirdparty SSL certificate assigned or the self signed certificate
If any of the bindings are incorrect, fix it and restart IIS (iisrest from cmd prompt). Check again

Laravel cannot not connect to Stripe

I have trouble connecting to Stripe with my Laravel / React application. Locally it works and the same code on a Digital Ocean droplet doesn't. I get this message:
Could not connect to Stripe (https://api.stripe.com/v1/invoices/upcoming?customer=cus_XXXXXXXXXX). Please check your internet connection and try again. If this problem persists, you should check Stripe's service status at https://twitter.com/stripestatus, or let us know at support#stripe.com. (Network error [errno 7]: )
That is the error message from Laravel. The important part is (Network error [errno 7]: ). It has to do with CURL that encounters this error: CURLE_COULDNT_CONNECT (error code 7).
Also I would expect something like this (Network error [errno 7]: Failed connect to api.stripe.com:443; Operation now in progress). Not a blank space after the colon.
I have tried this:
The server uses SSL (https://xxxxx.xxx)
Reboot the server
Redeploy the application
Clear caches for config, route, view etc.
php artisan optimize:clear
Re-run composer
Checked my Stripe API keys
Tried manually to connect fromt the shell with curl and it works.
Tried https://github.com/stripe/stripe-reachability#stripe-reachability
For reference, you can see the error on https://curl.haxx.se/libcurl/c/libcurl-errors.html and means :
CURLE_COULDNT_CONNECT (7) - Failed to connect() to host or proxy.
This is not an issue in the code, you may need to check your server hosting provider.
BTW, you may need to look at This answer. It's the same.
It is solved with him by changing the server and when communicating with the host provider, he found that the port is blocked because of high traffic.

Mandrill SMTP with Swiftmail in Laravel - works local, breaks on hosting

When users are registered Laravel fires of a welcome email using Swiftmail configured to use SMTP with Mandrill. With the existing config, this works perfectly on my local installation.
When moving to the production server (Unmanaged, CentOS with WHM/Cpanel), the first HELO fails, giving this error:
Swift_TransportException in AuthHandler.php line 181:
Failed to authenticate on SMTP server with username "info#mydomain.com" using 2 possible
authenticators
in AuthHandler.php line 181
at Swift_Transport_Esmtp_AuthHandler->afterEhlo(object(Swift_SmtpTransport)) in
EsmtpTransport.php line 307
All other questions I can find with this error are about Gmail needing to have it's authentication weakened to allow the connection. This is directly with Mandrill so such things can't be the issue.
I've already checked the correct port (578) is open - nmap says it is.
That the credentials in mail.php are valid - API key is correct, so is user information.
And that the server can access the remote server - I can telnet smtp.mandrillapp.com without issue.
I'm running out of things to test for to fix.
Any suggestions welcome, and thank you in advance!

The server response was: 4.7.0 Temporary server error. Please try again later. PRX3

I just setup an Exchange 2013 server hosted on the same machine as the Active Domain Controller.
I tested the connectivity of the server , I found that the mailbox can only send email to external mailbox however it can't receive any mail either from external mail or internal mail.
I ran the Exchange connectivity analyzer for inbound mail and it failed with the following message.
The server returned status code 451 - Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX3
I did a search on technet forum and found the following thread
http://social.technet.microsoft.com/Forums/exchange/en-US/288e1619-ce56-4c3a-8bb1-4886835520fe/delivery-fails-the-server-response-was-470-temporary-server-error-please-try-again-later?forum=exchangesvrdeploy
but no luck , i dont know how to set an alternative host, would somebody please help.
error details:
Message: Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX3
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.DataStopCommand.CheckResponse(SmtpStatusCode statusCode, String serverResponse)
at System.Net.Mail.DataStopCommand.Send(SmtpConnection conn)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
The server returned status code 451 - Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX3
Exception details:
Message: Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX3
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.DataStopCommand.CheckResponse(SmtpStatusCode statusCode, String serverResponse)
at System.Net.Mail.DataStopCommand.Send(SmtpConnection conn)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
Elapsed Time: 3107 ms.
The server returned status code 451 - Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX3
Exception details:
Message: Error in processing. The server response was: 4.7.0 Temporary server error. Please try again later. PRX3
Type: System.Net.Mail.SmtpException
Stack trace:
at System.Net.Mail.DataStopCommand.CheckResponse(SmtpStatusCode statusCode, String serverResponse)
at System.Net.Mail.DataStopCommand.Send(SmtpConnection conn)
at System.Net.Mail.SmtpClient.Send(MailMessage message)
at Microsoft.Exchange.Tools.ExRca.Tests.SmtpMessageTest.PerformTestReally()
Elapsed Time: 3107 ms.
Normally, send and recieving of emails is the function of Hub Transport services. in your case, you installed MS Exchange 2013 on a domain controller that is not a recommended practice. try to install MS Exchange 2013 on a separate member server not on a DC. Moreover, if its a test environment then open services snap-in and choose "Active Directory Topology Service" open its property page and on Log-on page select Admin user with password from AD and that user must have following security group memberships
Enterprise Admin
Schema Admin
Organization Management
Domain Admin
and restart the service that shall result in all exchange server services to be restarted automatically. if you feel any problem in restarting the services then simply restart your machine.
do let me know if it helps :)
Regards,
Adnan.
Add these lines to your servers hosts file (c:\windows\system32\Drivers\etc)
(replace servername, domain and IP with your servers)
192.168.1.5 servername
192.168.1.5 servername.domain.local
Restart Microsoft Exchange Transport and Microsoft Exchange Frontend Transport services
source: http://social.technet.microsoft.com/Forums/exchange/en-US/fc26dac5-d4e2-49da-903d-361ea8b85388/451-470-temporary-server-error-please-try-again-later-prx5?forum=exchangesvrgeneral
DNS issue.
Similar to your Exchange 2013 setup where DNS setup MUST only contain one IP address in the list of primary and backup DNS servers (for some reason unknown, providing MORE than one address in the Exchange config for DNS confuses the crap out of Exchange 2013) providing MORE than one IP address in the NIC card, (IV4 in my case) settings for DNS causes Exchange 2013 confusion when attempt to DNS the DC name.
Eliminating one of (the two DNS server IP addresses I had specified) IP criteria for the ONE active NIC card, resulting in ONLY one IP address on the server solved my exchange errors:
"The server response was: 4.7.0 Temporary server error. Please try again later. PRX3 Type: System.Net.Mail.SmtpException"
Like others in this thread, the failures were intermittent. The number seems to be 1/3 failures, 2/3 success, which makes for a very frustrating analysis as you make a change, the messages begin to flow and you think you have solved the issue, only to have the issue manifest again 1 hour later :(
A bit of searching revealed the answer:
In my home lab environment I currently only have 1 domain controller, so naturally, I put my router as my secondary DNS server on all my configurations.
This results in the above error message. I simply removed the secondary DNS which does not point to my internal DNS/Domain Controller and now I am able to receive an email.
Forwarding typically would be handled by the DNS servers in your environment, so a secondary public DNS would not be configured in a typical production environment. In a home Lab potentially you might run into this problem.
Source

Resources