DOCS - ActionMailer::Base.smtp_settings missing documentation for ca_path

[ccasabona]

The documentation for ActionMailer::Base.smtp_settings does not mention using ca_path when showing how to setup sending encrypted emails using an installed ssl certificate. It appears that this has been missing since since at least 2016 as mentioned in this stack overflow post:

https://stackoverflow.com/questions/36518887/actionmailer-smtp-certificate-verify-failed

Trying to send encrypted emails will not work unless OpenSSL can locate the security certificate file on the server.

An example setup taken from a working application for sending encrypted emails can be stored in config/initializers/send_mail.rb:

ActionMailer::Base.smtp_settings = 
  {
    address: mail.domain.com,
    port: 465,
    domain: domain.com,
    user_name: webmaster@domain.com,
    password: <PASSWORD>,
    authentication: :plain,
    enable_starttls_auto: true,
    open_timeout: 5,
    read_timeout: 5,
    ca_path: <PATH TO CERTIFICATE FULLCHAIN FILE ON SERVER>,
    openssl_verify_mode: OpenSSL::SSL::VERIFY_PEER,
    tls: true,
    ssl: true
  }
end

The ca_path value for a letsencrypt ssl certificate would be:

/etc/letsencrypt/live/domain.com/fullchain.pem

It is important to note that the fullchain type file is required for the certificate.

It is wise to rescue OpenSSL::SSL::SSLError when using this. If the certificate file cannot be found, an SSL_CTX_load_verify_locations: system lib exception is generated.

ActionMailer::Base.smtp_settings does not appear to support the ca_file setting mentioned in some stack overflow posts.

Rails version 7.1.3.2

Ruby 3.3.0