The “Solution” did not work for me, and I think I have a pretty vanilla set up:
- Fresh (first time) Ghost 4.16.0 installation on Ubuntu on a DigitalOcean Droplet using Ghost-CLI 1.17.3 and all the standard guides.
- Created
Arecords for@and*of my custom domain to point at the Ghost server. - Ran
ghost setup sslsoon after install and have been running https with the custom domain ever since. - Using default Casper and the default Portal with just the paid tiers turned off.
So nothing too exciting, but all working really nicely. Next step was to enable subscriptions, so:
- I followed https://ghost.org/docs/config/#mail and created a Mailgun account.
- Mailgun recommends port 587 for SMTP, so I followed the instructions and set my config to:
"mail": {
"from": "<FROM ADDR>",
"transport": "SMTP",
"options": {
"service": "Mailgun",
"host": "smtp.mailgun.org",
"port": 587,
"secureConnection": true,
"auth": {
"user": "<USERNAME>",
"pass": "<PASSWORD>"
}
}
When I try to sign in to my own site, I get the dreaded “ssl3_get_record:wrong version number” error.
I tried all the suggestions in this thread to no avail. They made no difference.
This thread found a “solution” by removing the port and secure flags entirely, which seems ill-advised.
This thread simply suggests email doesn’t work in Ghost with SSL enabled, which is essentially the same worrying conclusion.
Finally, this thread suggested changing to port 465. After some research I see that it’s not recommended because 587 is well defined and uses the helpful “StartTLS” protocol to negotiate a secure connection. Port 487 is a bit less well-defined, but commonly uses “Implicit TLS”, which is essentially SSL straight out of the gate. So in summary, if port 587 doesn’t work and 465 does, it’s a fine fallback.
And whaddya know, port 587 doesn’t work in Ghost (maybe due to the nginx incompatibility) but Mailgun’s port 465 does! I simply changed the "port" value in my configuration to 465 and all is well.