Comments (9)
You're good to close it. It seems the internal procedure to get access to the exchange server is much more complicated.
from exchangelib.
verify_ssl
was only intended for turning SSL validation on/off. I haven't tested with a custom certificate, but it might work. Have you tried setting it to the absolute path to the file? Otherwise, you'll need to enable debug logging to see what's going on. A full stack trace would also help. Almost the only place requests are made is in util.post_ratelimited()
so it should be fairly easy to isolate the problem.
from exchangelib.
Below the full stack trace:
---------------------------------------------------------------------------
SSLError Traceback (most recent call last)
p:\tsproj~1\python\venv3\lib\site-packages\requests\packages\urllib3\util\ssl_.py in ssl_wrap_socket(sock, keyfile, certfile, cert_reqs, ca_certs, server_hostname, ssl_version, ciphers, ssl_context, ca_cert_dir)
294 try:
--> 295 context.load_verify_locations(ca_certs, ca_cert_dir)
296 except IOError as e: # Platform-specific: Python 2.6, 2.7, 3.2
SSLError: unknown error (_ssl.c:2728)
During handling of the above exception, another exception occurred:
SSLError Traceback (most recent call last)
p:\tsproj~1\python\venv3\lib\site-packages\requests\adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
422 retries=self.max_retries,
--> 423 timeout=timeout
424 )
p:\tsproj~1\python\venv3\lib\site-packages\requests\packages\urllib3\connectionpool.py in urlopen(self, method, url, body, headers, retries, redirect, assert_same_host, timeout, pool_timeout, release_conn, chunked, **response_kw)
588 if is_new_proxy_conn:
--> 589 self._prepare_proxy(conn)
590
p:\tsproj~1\python\venv3\lib\site-packages\requests\packages\urllib3\connectionpool.py in _prepare_proxy(self, conn)
796
--> 797 conn.connect()
798
p:\tsproj~1\python\venv3\lib\site-packages\requests\packages\urllib3\connection.py in connect(self)
288 server_hostname=hostname,
--> 289 ssl_version=resolved_ssl_version)
290
p:\tsproj~1\python\venv3\lib\site-packages\requests\packages\urllib3\util\ssl_.py in ssl_wrap_socket(sock, keyfile, certfile, cert_reqs, ca_certs, server_hostname, ssl_version, ciphers, ssl_context, ca_cert_dir)
296 except IOError as e: # Platform-specific: Python 2.6, 2.7, 3.2
--> 297 raise SSLError(e)
298 # Py33 raises FileNotFoundError which subclasses OSError
SSLError: unknown error (_ssl.c:2728)
During handling of the above exception, another exception occurred:
SSLError Traceback (most recent call last)
<ipython-input-21-a1fcb18d19b1> in <module>()
17 credentials=Credentials(username='<masked>', password='<masked>'),
18 auth_type=NTLM,
---> 19 verify_ssl="certificate.cer"
20 )
21 account = Account(primary_smtp_address='[email protected]', config=config,
p:\tsproj~1\python\venv3\lib\site-packages\exchangelib-1.7.1-py3.4.egg\exchangelib\configuration.py in __init__(self, credentials, server, has_ssl, service_endpoint, auth_type, verify_ssl, **kwargs)
49 auth_type=auth_type,
50 credentials=credentials,
---> 51 verify_ssl=verify_ssl,
52 )
53
p:\tsproj~1\python\venv3\lib\site-packages\exchangelib-1.7.1-py3.4.egg\exchangelib\protocol.py in __call__(cls, *args, **kwargs)
156 if protocol is None:
157 log.debug("Protocol __call__ cache miss. Adding key '%s'", str(_protocol_cache_key))
--> 158 protocol = super().__call__(*args, **kwargs)
159 cls._protocol_cache[_protocol_cache_key] = protocol
160 log.debug('_protocol_cache_lock released')
p:\tsproj~1\python\venv3\lib\site-packages\exchangelib-1.7.1-py3.4.egg\exchangelib\protocol.py in __init__(self, *args, **kwargs)
175 self.auth_type = get_service_authtype(service_endpoint=self.service_endpoint, versions=API_VERSIONS,
176 verify=self.verify_ssl)
--> 177 self.docs_auth_type = get_docs_authtype(verify=self.verify_ssl, docs_url=self.types_url)
178
179 # Try to behave nicely with the Exchange server. We want to keep the connection open between requests.
p:\tsproj~1\python\venv3\lib\site-packages\exchangelib-1.7.1-py3.4.egg\exchangelib\transport.py in get_docs_authtype(docs_url, verify)
173 headers = {'Content-Type': 'text/xml; charset=utf-8'}
174 with requests.sessions.Session() as s:
--> 175 r = s.get(url=docs_url, headers=headers, allow_redirects=True, verify=verify)
176 return _get_auth_method_from_response(response=r)
177
p:\tsproj~1\python\venv3\lib\site-packages\requests\sessions.py in get(self, url, **kwargs)
486
487 kwargs.setdefault('allow_redirects', True)
--> 488 return self.request('GET', url, **kwargs)
489
490 def options(self, url, **kwargs):
p:\tsproj~1\python\venv3\lib\site-packages\requests\sessions.py in request(self, method, url, params, data, headers, cookies, files, auth, timeout, allow_redirects, proxies, hooks, stream, verify, cert, json)
473 }
474 send_kwargs.update(settings)
--> 475 resp = self.send(prep, **send_kwargs)
476
477 return resp
p:\tsproj~1\python\venv3\lib\site-packages\requests\sessions.py in send(self, request, **kwargs)
594
595 # Send the request
--> 596 r = adapter.send(request, **kwargs)
597
598 # Total elapsed time of the request (approximately)
p:\tsproj~1\python\venv3\lib\site-packages\requests\adapters.py in send(self, request, stream, timeout, verify, cert, proxies)
495 except (_SSLError, _HTTPError) as e:
496 if isinstance(e, _SSLError):
--> 497 raise SSLError(e, request=request)
498 elif isinstance(e, ReadTimeoutError):
499 raise ReadTimeout(e, request=request)
SSLError: unknown error (_ssl.c:2728)
from exchangelib.
Apparently, requests
doesn't like your certificate. Can you test the code that throws the exception in a python3 shell?
with requests.sessions.Session() as s:
r = s.get(
url='https://your.server.com/EWS/types.xsd',
headers={'Content-Type': 'text/xml; charset=utf-8'},
allow_redirects=True,
verify='/path/to/your/certificate.crt'
)
Maybe your server certificate does not contain the full certificate chain? See http://stackoverflow.com/questions/34812787/python-ssl-requests-and-lets-encrypt-certs
from exchangelib.
Hi,
I can't seem to establish whether my certificate is correct or not. Can I input an already authenticated requests.Session() object into the connection? I think that would solve my issue.
Vlad
from exchangelib.
I'm afraid that's not easily doable. But how will you achieve an authenticated requests.Session()
, if requests
can't validate the certificate?
If you're OK with the security implications, then there's also the possibility of setting verify_ssl=False
.
from exchangelib.
I have other ways to authenticate the intranet session (GET request to our auth server to get the correct cookie). Currently if I use verify=False, I get a 403 error - denied.
from exchangelib.
I see. In that case, you could have a look at extending exchangelib.protocol.BaseProtocol.create_session()
to support your custom authentication method. Currently, only basic, digest and NTLM auth are supported out of the box. You would still need to set verify_ssl=False
since your certificate is not validating.
from exchangelib.
@jimanvlad Do you still have errors related to exchangelib
on this issue? If not, I'd like to close it again.
from exchangelib.
Related Issues (20)
- Get all Public Folders HOT 23
- ErrorInvalidSchemaVersionForMailboxVersion with exchangelib v5.2.1 and Exchange server version 15.2.1544.4 HOT 45
- EOF occurred in violation of protocol HOT 4
- ValueError trying to delete a rule HOT 2
- Error getting folders for v5.2.1+ (server 2010sp3 upd.29) HOT 3
- Cannot fetch calendar folder HOT 4
- Problem getting auth type from Exchange server HOT 15
- The request failed schema validation HOT 9
- Get more than 100 records with a.protocol.resolve_names HOT 1
- EWS does not support returning more than 100 results. See https://learn.microsoft.com/en-us/exchange/client-developer/web-service-reference/resolvenames-operation
- How to disable check_hostname HOT 5
- some new distinguished folders cause 500 error HOT 4
- Support Custom Authentication Domains for Global and Governmental Environments (gcc-high, dod, etc) HOT 1
- Implement passing an Account object to GetUserAvailability in order to fix the "Returning naive datetime"-warning for timezone-unaware server responses. HOT 3
- Not enough scope error HOT 4
- OOF, The scheduled duration for sending automatic replies isn't valid HOT 4
- 403 Error | App Delegate Access for Personal Outlook Account HOT 5
- Accessing shared calendars does no longer work on 5.4.2 but it does work on 5.2.0 HOT 12
- Calendar items sent to users have reminder as 15 minutes regardless of reminder_is_set set to False HOT 1
- attachment.name returns None for Attached Outlook Items Despite Valid Subject HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from exchangelib.