{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 叛逆 的问题《Unexpected “ The remote certificate is invalid acc》','https://www.manongdao.com/q-944134.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am trying to connect to an SMTP server from a .NetCore/Ubuntu machine via Mailkit.
I am attempting to connect to port 25 on the server with SSL turned off.
The mail server is a windows server on the local lan, and works fine from other machines with the same settings as are being used on the problem Ubuntu machine.
The code being used to connect is as follows:
using (var client = new SmtpClient())
{
client.Connect("smtp.mydomain.com", 25,false);
client.Authenticate(username, password);
client.Send(emailMessage);
client.Disconnect(true);
}
However, this throws an exception immediately after the .Connect line with the error message "The remote certificate is invalid according to the validation procedure."
I am surprised that certificates are involved at all on vanilla port 25.
Has anyone got any ideas what is going on?
The server is probably enabling TLS as part of SMTP. This is pretty common, it's the STARTTLS verb.
If this works on other Windows boxes, are you in an AD? If so there's probably a CA on the AD issuing certificates which are automatically trusted via Group Policy. So you need to configure OpenSSL on your Ubuntu machine to trust that CA too.
Or you could just say fuck it, and tell StmpClient to ignore security with
The reason why you see an SSL certificate on port 25 is due to the reason that the server offer a starttls on that port. To find out which SSL certificate is used you can use the following way as mentioned here via OpenSSL:
It might be that this SSL certificate used here is selfsigned, then you can either replace that with a trusted one (if you can) or you can trust the selfsigned certificate.