Using Ubuntu 20.4 & Python Imaplib: Can I override ssl.SSLError: [SSL: DH_KEY_TOO_SMALL]?
Question
since updating to Ubuntu 20.4 from 18.4 I can no longer access one of my email addresses
import imaplib
imap = imaplib.IMAP4_SSL('<my_email_server>')
aborts with the error message
ssl.SSLError: [SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1108)
With Ubuntu 18.4 this works fine. It seems this is caused by a newer OpenSSL library.
On the server side I can't do anything about it. Is there a way within Python to override this setting to accept the existing key?
Update: I tried messing with the OpenSSL settings as described here: - https://askubuntu.com/questions/1231844/ssl-sslerror-ssl-dh-key-too-small-dh-key-too-small-ssl-c1108 - https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level without success.
1 answers
solution1
0 ACCPTED 2020-08-23 09:32:24
This was solved in this question
The solution is to add
context.set_ciphers('DEFAULT@SECLEVEL=1')
to the ssl context. And log in like this
import imaplib
import ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
context.set_ciphers('DEFAULT@SECLEVEL=1')
imap = imaplib.IMAP4_SSL('MYSERVER_REMOVED>, ssl_context=context, port=993)
imap.login('<USER_REMOVED>','<PASSWORD_REMOVED>')
There's also a more global approach in this discussion
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.