How to disable checking of the mail serves certificate in PHPMailer code SMTP Options
$mail->SMTPOptions = [
‘ssl’ => [
‘verify_peer’ => false,
‘verify_peer_name’ => false,
‘allow_self_signed’ => true,
]
];
write your question bellow in the “Leave a Reply” form.
Thanks!
Recently, the popular open source email transfer client PHPMailer has implemented additional security measures to limit the risk of unauthorized emails being transmitted through their system. One of these measures is the ability to disable SMTP SSL certificate verification in PHP, which can be done by following the steps outlined in this article.
SMTP Secure Sockets Layer (SSL) is an encryption protocol used for data transfer between two machines. It is widely used for communication between networks, including email transfer. With SSL enabled, PHPMailer can verify the authenticity of a secure link established between two computers, protecting users from potential exploits.
However, there may be instances when users wish to disable this feature, either for convenience or to reduce network latency. For instance, if the user is not expecting a large volume of emails or is running a development environment, disabling SMTP SSL certificate verification may not be necessary.
To disable SMTP SSL certificate verification in PHPMailer, users must edit the initialization of the PHPMailer class instance. The verification is enabled by default, but can be easily disabled by setting the “SMTPAutoTLS” parameter to “false”.
Once this is done, the verification requirement will no longer be enforced when sending emails. This setting should not be used in production environments, as it can increase the risk of email spoofing. It is strongly recommended that users enable SSL verification if sending emails to any public address.
In conclusion, PHPMailer has implemented a number of security measures to protect users from potential exploits while transferring emails. SSL certificate verification is one of these features, and can be easily disabled in the initialization of the PHPMailer class instance. However, this should not be done in production environments as it can reduce the level of security.
