When gitlab try to send email via external smtp server, sidekiq mail queue crash with error like:

SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

Fix for package installed gitlab:

Edit /etc/gitlab/gitlab.rb and add:

For ubuntu system wide ca bundle:

gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-certificates.crt"

For centos system wide ca bundle:

gitlab_rails['smtp_ca_file'] = "/etc/pki/tls/certs/ca-bundle.crt"

Or omnibus gitlab package:

gitlab_rails['smtp_ca_file'] = "/opt/gitlab/embedded/ssl/cert.pem"

Then run gitlab-ctl reconfigure.

For gitlab installed from source code:

Edit file config/initializers/smtp_settings.rb:

ActionMailer::Base.smtp_settings = {
    authentication: :login,
    # For ubuntu
    ca_file: "/etc/ssl/certs/ca-certificates.crt",
    # For centos
    #ca_file: "/etc/pki/tls/certs/ca-bundle.crt",

Finnaly restart gitlab service:

service gitlab restart

Or omnibus gitlab package:

gitlab-ctl restart

For test settings:

Run the gitlab console

sudo gitlab-rails console

And send test email

Notify.test_email('test@domain.ltd', 'Message Subject', 'Message Body').deliver_now

omnibus gitlab package full example for yandex:

gitlab_rails['gitlab_email_enabled'] = true
gitlab_rails['gitlab_email_from'] = 'gitlab@domain.ltd'
gitlab_rails['gitlab_email_display_name'] = 'Gitlab'
gitlab_rails['gitlab_email_reply_to'] = 'admin@domain.ltd'
gitlab_rails['gitlab_email_subject_suffix'] = ''
gitlab_rails['incoming_email_enabled'] = false

gitlab_rails['smtp_enable'] = true
gitlab_rails['smtp_address'] = "smtp.yandex.ru"
gitlab_rails['smtp_port'] = 465
gitlab_rails['smtp_user_name'] = "gitlab@domain.ltd"
gitlab_rails['smtp_password'] = "******"
gitlab_rails['smtp_domain'] = "domain.ltd"
gitlab_rails['smtp_authentication'] = "login"
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_enable_starttls_auto'] = true
gitlab_rails['smtp_openssl_verify_mode'] = 'peer'
gitlab_rails['smtp_ca_path'] = "/etc/ssl/certs"
gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-bundle.crt"


  1. SSL certification error #1558
  2. SMTP Gmail account working on gitlab but not on gitlab-ci #2143