CODEWITHSUNDEEP
pythonproxyssl-certificateenterpriseexchangelib
Elweiss
Elweiss

Reputation: 545

SSLError on exchangelib : can't connect on the server

I have a problem with exchangelib. Here is my code:

creds = Credentials(
username="domain_name\\username", 
password="password")

config = Configuration(server='mail.solutec.fr', credentials=creds)

account = Account(
primary_smtp_address="[email protected]",
autodiscover=False, 
config = config,
access_type=DELEGATE)

Here is the error I get:

SSLError: HTTPSConnectionPool(host='mail.solutec.fr', port=443): Max retries exceeded with url: /EWS/Exchange.asmx (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",),))

I can make it work by adding this:

from exchangelib.protocol import BaseProtocol, NoVerifyHTTPAdapter
BaseProtocol.HTTP_ADAPTER_CLS = NoVerifyHTTPAdapter

But it's just bypassing the security, so it's not what we want. If i use shared connection from my phone there is no error, so it looks like there is a problem with my enterprise proxy. I saw things about transport adapters but don't really understood how to make it work.

So, how can I make it work nicely without this bypassing solution ?

Thank you !

Upvotes: 7

Views: 10614

Answers (1)

jouell
jouell

Reputation: 3587

Use the code for "Proxies and custom TLS validation"

https://pypi.org/project/exchangelib/

I did this and used my internal PKI teams's ca bundle (which housed the CA that signed the server's cert).

Now you're secured and are overriding the OS's cert store (which does not have the firm's CA bundle in my case)

Upvotes: 0

Related Questions