Description: When I click on "Test Settings" after entering the correct credentials/settings in the "Preferences > LibreOffice Writer > Mail Merge Email" Dialog, the network connection is established successfully but it always fails to find the outgoing email server. The following error message is shown: LibreOffice could not connect to the outgoing mail server. Check your system's settings and the settings in LibreOffice. Check the server name, the port and the secure connections settings -- <class 'ssl.SSLCertVerificationError'>: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131), traceback follows File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Resources/mailmerge.py", line 111, in connect self.server.starttls(context=ssl.create_default_context()) File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/smtplib.py", line 788, in starttls self.sock = context.wrap_socket(self.sock, File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/ssl.py", line 500, in wrap_socket return self.sslsocket_class._create( File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/ssl.py", line 1073, in _create self.do_handshake() File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/ssl.py", line 1342, in do_handshake self._sslobj.do_handshake() Steps to Reproduce: 1. Open Preferences > LibreOffice Writer > Mail Merge Email 2. Enter correct settings/credentials (using TLS/SSL) 3. Click "Test Settings" Actual Results: The network connection is established successfully but it always fails to find the outgoing email server. The following error message is shown: LibreOffice could not connect to the outgoing mail server. Check your system's settings and the settings in LibreOffice. Check the server name, the port and the secure connections settings -- <class 'ssl.SSLCertVerificationError'>: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131), traceback follows File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Resources/mailmerge.py", line 111, in connect self.server.starttls(context=ssl.create_default_context()) File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/smtplib.py", line 788, in starttls self.sock = context.wrap_socket(self.sock, File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/ssl.py", line 500, in wrap_socket return self.sslsocket_class._create( File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/ssl.py", line 1073, in _create self.do_handshake() File "/private/var/folders/3b/y40cdqyd2_g2xtjvtqd6m2mr0000gn/T/AppTranslocation/9470A800-D97E-4B95-9AE3-848BB8F05929/d/LibreOffice.app/Contents/Frameworks/LibreOfficePython.framework/Versions/Current/lib/python3.8/ssl.py", line 1342, in do_handshake self._sslobj.do_handshake() Expected Results: Both tests should be successful: * Establish network connection * Find outgoing mail server Reproducible: Always User Profile Reset: No Additional Info: Version: 7.6.2.1 (X86_64) / LibreOffice Community Build ID: 56f7684011345957bbf33a7ee678afaf4d2ba333 CPU threads: 8; OS: Mac OS X 13.5.1; UI render: Skia/Metal; VCL: osx Locale: en-GB (en_GB.UTF-8); UI: en-US Calc: threaded I also tested earlier versions, in the following "Test Settings" works as expected: Version: 7.4.7.2 / LibreOffice Community Build ID: 723314e595e8007d3cf785c16538505a1c878ca5 CPU threads: 8; OS: Mac OS X 13.5.1; UI render: default; VCL: osx Locale: en-GB (en_GB.UTF-8); UI: en-US Calc: threaded But here it fails already with the mentioned error message: Version: 7.5.7.1 (X86_64) / LibreOffice Community Build ID: 47eb0cf7efbacdee9b19ae25d6752381ede23126 CPU threads: 8; OS: Mac OS X 13.5.1; UI render: default; VCL: osx Locale: en-GB (en_GB.UTF-8); UI: en-US Calc: threaded
This bug does not appear in 7.4.7.2. Added regression and bibisectRequest keywords. See the same SSL: CERTIFICATE_VERIFY_FAILED error as mentioned above with 7.5.0.3 and the latest LibreOfficeDev build. Version: 7.5.0.3 (AARCH64) / LibreOffice Community Build ID: c21113d003cd3efa8c53188764377a8272d9d6de CPU threads: 10; OS: Mac OS X 14.0; UI render: default; VCL: osx Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded Version: 24.2.0.0.alpha0+ (AARCH64) / LibreOffice Community Build ID: f8e591ab9182e0a61c4ae5b8f77b166fcaeaa877 CPU threads: 10; OS: macOS 14.0; UI render: default; VCL: osx Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
I was able to replicate this bug in Linux using this repository: https://bibisect.libreoffice.org/linux-64-7.6 I used these instructions to test with my personal email: https://posteo.de/en/help/how-do-i-set-up-posteo-in-an-email-client-pop3-imap-and-smtp More information on the commit that caused this bug here: https://git.libreoffice.org/core/commit/3326ae0a9902395224ddd95ca3df069ebffe2990 Adding CC: Caolán McNamara Information about the first version that caused this bug: Version: 7.6.1.0.0+ (X86_64) / LibreOffice Community Build ID: 3326ae0a9902395224ddd95ca3df069ebffe2990 CPU threads: 4; OS: Linux 5.15; UI render: default; VCL: x11 Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
(In reply to kdub from comment #2) > Information about the first version that caused this bug: > Version: 7.6.1.0.0+ (X86_64) / LibreOffice Community > Build ID: 3326ae0a9902395224ddd95ca3df069ebffe2990 Commit details: https://cgit.freedesktop.org/libreoffice/core/commit/?id=e3d28846c2343072750197fcdeaf44a945ddcb61 author Caolán McNamara <caolan.mcnamara@collabora.com> 2023-07-28 12:13:41 +0100 committer Thorsten Behrens <thorsten.behrens@allotropia.de> 2023-07-29 02:30:34 +0200 "follow python recommendation and pass SSL contexts" I see a conversation from Thorsten Behrens and Mike Kaganski in the gerrit change that could be relevant. https://gerrit.libreoffice.org/c/core/+/155016 Thorsten: "Some more testing done - not using system python might require setting the path to a system cert store, e.g. for a --enable-python=internal build, this does it for me: SSL_CERT_FILE=/etc/ssl/ca-bundle.pem ./soffice --writer I'm not sure if there's a good way to override --openssldir=<foo> for our internal openssl to make that suck less?" Mike: "We surely have some mechanism to know the used cert store - e.g., for signing documents. Can we re-use it to feed that information to (built-in) Python? Possibly not only to built-in, because I suppose users would expect all components to use a consistent config?" Thorsten: "The problem is the set of different libraries we're using for this. For internal python, we use a shared openssl instance. But in general, yes, getting better at using std OS stuff should be a goal (e.g. I find the certifi python module, spun out of request package, that pops up on SO to solve this for Macs)."
*** Bug 158463 has been marked as a duplicate of this bug. ***
Affects all OS according to duplicate bug 158463. Reporter replaced mailmerge.py with LO 7.3's as a workaround. According to bibisect, earliest affected is 7.5.6.1, so not sure about comment 1's reproduction in an earlier version. I'm changing the Version field accordingly.
The linux case should already work in 24.2 since: https://gerrit.libreoffice.org/c/core/+/159149 so lets backport that at least for 7-6 too: https://gerrit.libreoffice.org/c/core/+/165597 This one was was osx however and the issue remains on at least that platform. I find that with: https://gerrit.libreoffice.org/c/core/+/165599 then smtp.gmail.com at least works with "test settings" for me
Caolán McNamara committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/25a5b9b136c80c93593097e4463184035218fd56 Related: tdf#157480 use SSL_CERT_FILE on macOS too It will be available in 24.8.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-24-2": https://git.libreoffice.org/core/commit/29f24d4bffed3d6d992274adffab375390fbc1a1 Related: tdf#157480 use SSL_CERT_FILE on macOS too It will be available in 24.2.3. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
checking last windows 7-6, test settings works there for me out of the box. macOS seems good now in trunk and 24.2. Backport of that to 7-6 pending integration of the generic fix for unix-alike OS of 7-6 noted above
Michael Stahl committed a patch related to this issue. It has been pushed to "libreoffice-7-6": https://git.libreoffice.org/core/commit/d8fa11184fae396e4bca3c2201380613c6031ac8 Related: tdf#157480 vcl,openssl: set SSL_CERT_FILE for bundled OpenSSL It will be available in 7.6.7. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Caolán McNamara committed a patch related to this issue. It has been pushed to "libreoffice-7-6": https://git.libreoffice.org/core/commit/4c3b2e13f2f9e0acf4529add0748acb010157ab4 Related: tdf#157480 use SSL_CERT_FILE on macOS too It will be available in 7.6.7. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.