I’m currently hosting an API backend that has been working well so far. I’m trying now to add an email verification service over SMTP with a gmail account. My API is written in Rust with Tokio and Axum, and I’m using the Lettre library to send emails. The route works fine on my local machine’s deployment, but in a fly VM I get an SSL error. I’ve attempted modifying my fly.toml file in order to open up the TLS port on 465, which is where my localhost server is working properly, but I’m assuming this only affects incoming requests. In my route I get the following error:
Connection error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:../ssl/statem/statem_clnt.c:1914: (unable to get local issuer certificate)
When I switch my outgoing SMTP port to 587, I get the following error:
Connection error: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:331
My current fly.toml is as follows:
app = "xxx"
primary_region = "xxx"
[env]
SMTP_USERNAME = "xxxxx@gmail.com"
SMTP_HOST = "smtp-relay.gmail.com"
# SMTP_PORT = "587"
SMTP_PORT = "465"
[[services]]
internal_port = 3000
protocol = "tcp"
auto_stop_machines = true
auto_start_machines = true
min_machines_running = 0
[[services.ports]]
handlers = ["tls"]
# port = 587
port = 465
[[services.ports]]
handlers = ["tls", "http"]
port = 443
[[services.ports]]
handlers = ["http"]
force_https = true
port = 80
The Rust code that is returning an error is as follows:
let mailer = SmtpTransport::relay(&host)
.map_err(|err| anyhow::anyhow!(err))?
.port(port.parse::<u16>().map_err(|err| anyhow::anyhow!(err))?)
.credentials(creds)
.build();
mailer
.send(&email_msg)
.map_err(|err| anyhow::anyhow!(err))?; // This returns the port-dependent error
creds, host, and port are derived from environment variables and I’ve verified they exist and are correct in my VM.
I’m not well versed in networking protocols, any help is much appreciated!
Thanks