mirror of
https://github.com/fosrl/pangolin.git
synced 2026-05-06 12:55:03 -05:00
[GH-ISSUE #934] Logging and docs issues around SMTP TLS configuration #8463
Originally created by @jcrawfordor on GitHub (Jun 18, 2025).
Original GitHub issue: https://github.com/fosrl/pangolin/issues/934
Originally assigned to: @miloschwartz on GitHub.
I encountered the same problem as the closed issue #652. That issue was closed when the reporter seems to have avoided the problem, but it still exists. Any action that leads to an email being sent, like inviting a user or an invited user trying to get a verification code, can result in an exception:
This appears to be an error encountered when trying to log a more useful message, which is the first thing that could be fixed. In practice, this behavior seems to indicate a problem with verifying the TLS certificate of the mail server (in my situation, it's sending a cert with the wrong domain name due to a split-horizon DNS situation which should be addressed but it is what it is).
Validating the cause/fix was additionally complicated by what I believe to be an error in the documentation at https://docs.fossorial.io/Pangolin/Configuration/config
It states that "smtp_tls_reject_unauthorized" means "Do not fail if the server certificate cannot be verified." However, it's actually the opposite - "true" means it will fail if the server cannot be verified, "false" will allow a connection even with an invalid certificate. Perhaps for the same reason, it also gives the wrong default - it says that the default is "false", but testing shows that the default is "true".
If you encounter the above exception, try setting smtp_tls_reject_unauthorized to false. If that fixes the error, check out the TLS certificate presented by your mail server.
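A way to check the certificate names offline, as an added example that is not part of the original issue or of Pangolin's code: it runs Node's own `tls.checkServerIdentity` over a certificate object to show which hostname the client would need to dial for verification to pass. The function name `checkSmtpCertName`, the hostnames and the certificate objects are constructed for illustration.

```javascript
// Added example, not Pangolin code. Hostnames and certificates are constructed.
const tls = require('node:tls');

// Certificate as it would look in the split-horizon case from the issue:
// the server presents its public name, the client dials an internal one.
const SPLIT_HORIZON_CERT = {
  subject: { CN: 'mail.example.org' },
  subjectaltname: 'DNS:mail.example.org, DNS:example.org',
};
const WILDCARD_CERT = {
  subject: { CN: '*.example.org' },
  subjectaltname: 'DNS:*.example.org',
};

// Takes the hostname the SMTP client connects to and a certificate object in
// the shape returned by tlsSocket.getPeerCertificate().
// Returns { ok, names, reason }.
function checkSmtpCertName(dialedHost, cert) {
  const names = (cert.subjectaltname || '')
    .split(', ')
    .filter((entry) => entry.startsWith('DNS:'))
    .map((entry) => entry.slice(4));
  // Node's default hostname check for TLS clients: returns an Error on a
  // mismatch and undefined when the name is covered by the certificate.
  const err = tls.checkServerIdentity(dialedHost, cert);
  return { ok: err === undefined, names, reason: err ? err.message : null };
}

// Report for a few candidate hostnames (all constructed).
for (const [host, cert] of [
  ['smtp.corp.example', SPLIT_HORIZON_CERT], // internal name: mismatch
  ['mail.example.org', SPLIT_HORIZON_CERT],  // name on the cert: match
  ['mail.example.org', WILDCARD_CERT],       // one label under wildcard: match
  ['a.mail.example.org', WILDCARD_CERT],     // two labels under wildcard: mismatch
]) {
  const result = checkSmtpCertName(host, cert);
  console.log(host, result.ok ? 'OK' : `MISMATCH (${result.reason})`);
}
```

If a name on the certificate resolves to the mail server from where Pangolin runs, pointing the SMTP host setting at that name lets `smtp_tls_reject_unauthorized` stay `true`.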
@miloschwartz commented on GitHub (Jun 19, 2025):
Thanks, just checked and looks like the default is true in nodemailer. I'll update the docs!