Opened 21 months ago
Closed 21 months ago
#34412 closed Bug (duplicate)
TLS/SSL sending mail fails in some servers
Reported by: | raydeal | Owned by: | nobody |
---|---|---|---|
Component: | Core (Mail) | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
After last changes in django.core.mail.backends.smtp.EmailBackend
sending email is broken in some mail servers. There is an error ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)
According to Python documentation SSL security and create_default_context I think that working version of implementation is
@cached_property def ssl_context(self): if self.ssl_certfile: ssl_context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS_CLIENT) ssl_context.load_cert_chain(self.ssl_certfile, self.ssl_keyfile) else: ssl_context = ssl.create_default_context() return ssl_context
Additionally it would be great to clarify in documentation of Django settings what is EMAIL_SSL_CERTFILE and EMAIL_SSL_KEYFILE because a key and certificate can be in one file passed as EMAIL_SSL_CERTFILE and it is enough to pass certificate validation.
Change History (3)
comment:1 by , 21 months ago
Component: | Uncategorized → Core (Mail) |
---|
comment:2 by , 21 months ago
comment:3 by , 21 months ago
Resolution: | → duplicate |
---|---|
Status: | new → closed |
The proposed implementation in the description matches the code in the commit that Claude mentioned, so marking as a duplicate of #34386.
raydeal, feel free to propose a documentation patch regarding your point in the last sentence. Such a small change doesn't require a ticket.
Did you test before or after this change: [b9d89d74f71c043d5269c]?