WHMCS mail problems in php 5.6?

WHMCS has made the decision to force users to update to PHP 5.6 in order to receive updates in the future. While good, there are indeed WHMCS mail problems in PHP  5.6.

To be fair, the problems aren’t WHMCS problems directly, but they COULD be avoided by not forcing users to update to a version of php which is riddled with a pretty major hole. Alternatively, they could patch their mail system to fix the hole!

PHP 5.6 forces SSL certificate ‘verification’ if you’re using something like TLS or SSL for sending mail. This is great if the certificate validation is handled correctly, but, it’s not.Take , for example, my own case.  SSL Shopper says the certificate is fine (because it is). However, because it’s a wildcard certificate (applied across numerous servers and services across the board) PHP incorrectly says it’s not. It just doesn’t want to work, and times out.

So what is one to do? Spend more money on a ssl certificate because PHP doesn’t want to validate things properly? No. Ideally, there would be a global option to disable this checking for every site (it is rather annoying), however, that’s not going to happen… So, here’s a quick way to fix this.

The problem:

In WHMCS , when sending mail using TLS/SSL  and php 5.6, the system will simply timeout. SMTP debug does nothing to resolve this, in fact the page will simply time out. You may see something in your error_log file like the following:

[05-Aug-2016 19:18:16 America/Chicago] PHP Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /home/user/public_html/phpmailer/class.smtp.php on line 344

however, that’s from my own custom phpmailer testing, so that’s not likely either

The solution:

The solution to this is somewhat clunky, honestly. Unfortunately, it’s going to have to be re-applied every single time you update WHMCS until they get smart enough to add these options to the mail settings themselves (which isn’t terribly likely).

In /home/username/www/vendor/phpmailer/phpmailer/class.phpmailer.php , find

public $SMTPOptions = array();

Replace it with the following code:

public $SMTPOptions = array( 
'ssl' => array( 
'verify_peer' => false, 
'verify_depth' => 3, 
'allow_self_signed' => true, ) );

This will allow you to connect, using whmcs with php 5.6+ and an ‘invalid’ certificate (again, from personal experience, these tend to be quite valid).

Make sure you save this file, then copy it elsewhere (ie: your home pc, etc), because this will  be overwritten should you update WHMCS (which, of course, you should).

note:
If your certificate really is invalid, I recommend that you get a valid one. They start at around $10/yr and can provide at least a minor bit of verification.