search

emailjs / emailjs-imap-client

Low-level JS IMAP client for all your IMAP needs.
MIT License
552 stars 123 forks source link

Self signed certificate #233

Open cecilcosta opened 4 years ago

cecilcosta commented 4 years ago

Whenever I try to connect to Google's IMAP it fails due to a self-signed certificate

[DEBUG][2020-03-08T15:37:16.582Z][1][taitor46][imap.gmail.com] Connecting to imap.gmail.com : 993 [DEBUG][2020-03-08T15:37:16.587Z][1][taitor46][imap.gmail.com] Entering state: 1 (node:38836) UnhandledPromiseRejectionWarning: Error: Could not open socket: self signed certificate at TCPSocket.socket.onerror (/Users/tutorspace/Workspace/emailtest/node_modules/emailjs-imap-client/dist/imap.js:161:16) at TCPSocket._emit (/Users/tutorspace/Workspace/emailtest/node_modules/emailjs-tcp-socket/dist/node-socket.js:100:32) at TLSSocket.<anonymous> (/Users/tutorspace/Workspace/emailtest/node_modules/emailjs-tcp-socket/dist/node-socket.js:74:18) at TLSSocket.emit (events.js:311:20) at emitErrorNT (internal/streams/destroy.js:92:8) at emitErrorAndCloseNT (internal/streams/destroy.js:60:3) at processTicksAndRejections (internal/process/task_queues.js:84:21)

I had a similar issue when using imap-simple and it seems that we had to specify the host name.

tlsOptions: { servername: 'imap.gmail.com' }

Such option doesn't seem to exist here (at least I couldn't find it). Can you please check it? Testing with a gmail account is very straight away.

ctobtb commented 4 years ago

@cecilcosta Have you enable "Less Secured App Access" on the Gmail account you're testing your code?

cecilcosta commented 4 years ago

@ctobtb YEs, it was enabled. Actually, it was working with imap, and simple imap adding the option tlsOptions: { servername: 'imap.gmail.com' }

pavel-omelchuk commented 4 years ago

@ctobtb If you need a fast and rough solution, that may help: process.env.NODE_TLS_REJECT_UNAUTHORIZED='0';

MarcoCatalan commented 4 years ago

@cecilcosta Take a look at this: https://github.com/nodejs/node/issues/28167

alanarentsen commented 4 years ago

It clearly has to do with how Node handles the opening of the Socket. I moved from Node12 to Node10 and I did not encounter this problem anymore. I know it is not a fix but maybe helpful.

stellarhoof commented 4 years ago

This has already been fixed in emailjs-tcp-socket's master: https://github.com/emailjs/emailjs-tcp-socket/pull/75. All they need to do is cut a release and bump the dep here.

mmozcelik commented 2 years ago

Are there any recent fix or production level workaround for this issue (NODE_TLS_REJECT_UNAUTHORIZED env variable seems like not a good practice at production)?

@stellarhoof suggested a PR to provide tlsOptions with servername parameter. And seems like it would work.

ejnshtein commented 1 year ago

Here I go with the same issue... I believe that that's highly unlikely that emailjs-tcp-socket package will be released with a fix, so I guess we will need to use patching :thinking: