How do I use STARTTLS with swiftmailer in php?
Stefan Bogdanescu
Founder & Senior Architect · 2026-06-29
# How Do I Use STARTTLS with SwiftMailer in PHP? Solving the Office365 Connection Issue
This is a very common hurdle when dealing with modern email services that mandate secure connections, such as Microsoft Office 365. As a senior developer working within the Laravel ecosystem, you frequently encounter these low-level networking and transport layer issues. Dealing with SMTP security protocols like `STARTTLS` can be tricky because it involves not just application configuration but also deep interaction with PHP's stream handling capabilities.
If you are running into the error: `stream_socket_client(): unable to connect to starttls://smtp.office365.com:587 (Unable to find the socket transport "starttls" - did you forget to enable it when you configured PHP?)`, it signals a problem with how PHP is interpreting or enabling the necessary TLS negotiation during the connection attempt, rather than an issue solely within your SwiftMailer configuration itself.
This post will diagnose why this error occurs and provide the comprehensive steps needed to successfully establish a secure `STARTTLS` connection using SwiftMailer in your PHP environment.
## Understanding the STARTTLS Transport Issue
The error message points directly to a missing socket transport named `"starttls"`. This indicates that while your application (SwiftMailer) is correctly requesting an encrypted connection via the `MAIL_ENCRYPTION=starttls` setting, the underlying PHP stream functions are failing to recognize or activate this specific protocol handler when attempting the connection.
When connecting to port 587 (the standard port for submission with STARTTLS), the client must initiate a plain connection and then issue the `STARTTLS` command to upgrade that connection to an encrypted TLS session. If the server or PHP environment is not configured correctly, this negotiation fails immediately.
In the context of Laravel applications, which rely heavily on robust external service integration (like mail services), ensuring the PHP environment supports these protocols is paramount for reliable operations.
## Step-by-Step Solution for STARTTLS Configuration
The solution involves two parts: confirming your application settings and ensuring the foundational PHP server setup allows for secure socket communication.
### 1. Verify SwiftMailer Configuration
First, ensure your `.env` file configuration is correctly set up. For standard SMTP with STARTTLS, the setup you have is technically correct from an application standpoint:
```dotenv
MAIL_DRIVER=smtp
MAIL_HOST=smtp.office365.com
MAIL_PORT=587
MAIL_USERNAME=XXXX@XXXX.se
MAIL_PASSWORD=XXXXXXXtXVF
MAIL_ENCRYPTION=starttls # This tells SwiftMailer to use STARTTLS negotiation
```
If this configuration is correct, the issue lies in the PHP runtime environment.
### 2. Addressing the PHP Environment (The Crucial Step)
Since you are on PHP 7.3 and Laravel, the problem often stems from how PHP handles stream wrappers for secure connections. While modern PHP versions handle many TLS operations natively, sometimes specific server configurations or older library dependencies interfere.
**Actionable Steps:**
* **Check PHP Extensions:** Ensure that the necessary extensions for SSL/TLS are enabled in your `php.ini` file. Look for `openssl`, `stream_socket_server`, and related modules. These are fundamental for any secure network communication in PHP.
* **Verify `stream_socket_client` availability:** The error specifically references this function failing to find the transport. Ensure that the necessary system libraries (like OpenSSL) are correctly linked when PHP was compiled, as this underpins how stream functions manage protocols like `starttls`.
For deeper context on maintaining a secure and robust PHP environment, understanding server-side configuration is keyâmuch like how **Laravel** emphasizes building secure applications from the ground up.
## Conclusion
The error you encountered is an infrastructure issue manifesting at the application layer. While setting `MAIL_ENCRYPTION=starttls` correctly tells SwiftMailer what to attempt, the failure to find the `"starttls"` transport confirms that the PHP installation or its underlying system dependencies are not fully capable of executing the required socket negotiation for that protocol on the host server.
By ensuring your PHP environment has all necessary SSL/TLS extensions properly enabled and configured in `php.ini`, you resolve this low-level networking hurdle. Once the stream handlers can correctly interpret the `starttls` request, SwiftMailer will be able to establish the secure connection to Office365 successfully. Remember: always start by verifying your server environment before diving deeper into application code!