TLS configuration for outgoing emails does not propagate, resulting in no outgoing emails at all

Dear all.

on our self-hosted omnibus instance (15.11.3-ee), we lost the ability to send outgoing emails.

All notification sidekiq jobs fail with an ArgumentError with the error message stating:

:enable_starttls and :tls are mutually exclusive. Set :tls if you’re on an SMTPS connection. Set :enable_starttls if you’re on an SMTP connection and using STARTTLS for secure TLS upgrade.

Our /etc/gitlab/gitlab.rb SMTP section reads:

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_pool'] = false
gitlab_rails['smtp_address'] = ""
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = ""
gitlab_rails['smtp_password'] = "xxxxxxxxxxxx"
gitlab_rails['smtp_authentication'] = "plain"
gitlab_rails['smtp_enable_starttls_auto'] = false
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'

After a gitlab-ctl reconfigure, the files /var/opt/gitlab/gitlab-rails/etc/smtp_settings.rb and /opt/gitlab/embedded/service/gitlab-rails/config/initializers/smtp_settings.rb are identical:

# This file is managed by gitlab-ctl. Manual changes will be
# erased! To change the contents below, edit /etc/gitlab/gitlab.rb
# and run `sudo gitlab-ctl reconfigure`.

if Rails.env.production?
  secrets = Gitlab::Email::SmtpConfig.secrets
  smtp_settings = {
    authentication: :plain,
    user_name: "",
    password: "xxxxxxxxxxxxx",
    address: "",
    port: 465,

    enable_starttls_auto: false,
    tls: true,

    openssl_verify_mode: "peer",

    ca_file: "/opt/gitlab/embedded/ssl/certs/cacert.pem",

  Gitlab::Application.config.action_mailer.delivery_method = :smtp
  ActionMailer::Base.delivery_method = :smtp

  ActionMailer::Base.smtp_settings = smtp_settings

Still after gitlab-ctl restart the error messages state that TLS and STARTTLS are both configured…

What do I miss? Why does it seem, that the settings are not propagated correctly? Are any additional steps necessary? Any further ideas?


Using the console works perfectly… :jigsaw:

ccauet@gitlab$ sudo gitlab-rails console
 Ruby:         ruby 3.0.6p216 (2023-03-30 revision 23a532679b) [x86_64-linux]
 GitLab:       15.11.3-ee (9850c263897) EE
 GitLab Shell: 14.18.0
 PostgreSQL:   13.8
------------------------------------------------------------[ booted in 30.46s ]
Loading production environment (Rails
irb(main):001:0> Notify.test_email(', 'Message Subject', 'Message Body').deliver_now
Delivered mail 64638343af8d9_434f49981eb@git.mail (3153.1ms)
=> #<Mail::Message:342920, Multipart: false, Headers: <Date: Tue, 16 May 2023 15:21:07 +0200>, <From: GitLab <>>, <Reply-To: GitLab <>>, <To:>, <Message-ID: <64638343af8d9_434f49981eb@git.mail>>, <Subject: Message Subject>, <Mime-Version: 1.0>, <Content-Type: text/html; charset=UTF-8>, <Content-Transfer-Encoding: 7bit>, <Auto-Submitted: auto-generated>, <X-Auto-Response-Suppress: All>>

Thanks ins advance for you help!

Best regards

1 Like