Taking FrankenPHP as an example, within the Octane environment, using the SmtpEmail plugin may encounter TLS/SSL issues. Below is a tutorial addressing this.

Troubleshooting TLS/SSL Issues with Static Binaries

When using the static binaries, you may encounter the following TLS-related errors, for instance when sending emails using STARTTLS:

Unable to connect with STARTTLS: stream_socket_enable_crypto(): SSL operation failed with code 5. OpenSSL Error messages:
error:80000002:system library::No such file or directory
error:80000002:system library::No such file or directory
error:80000002:system library::No such file or directory
error:0A000086:SSL routines::certificate verify failed

As the static binary doesn’t bundle TLS certificates, you need to point OpenSSL to your local CA certificates installation.

Inspect the output of openssl_get_cert_locations(), to find where CA certificates must be installed and store them at this location.

![WARNING] Web and CLI contexts may have different settings. Be sure to run openssl_get_cert_locations() in the proper context.

CA certificates extracted from Mozilla can be downloaded on the curl website.

Alternatively, many distributions, including Debian, Ubuntu, and Alpine provide packages named ca-certificates that contain these certificates.

It’s also possible to use the SSL_CERT_FILE and SSL_CERT_DIR to hint OpenSSL where to look for CA certificates:

# Set TLS certificates environment variables
export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
export SSL_CERT_DIR=/etc/ssl/certs