Adjusts to use a different loading of certificates and updates the docs for it

diff --git a/docs/configuration.md b/docs/configuration.md
index 13e628151132ad29bfc6c1529ec73ac04ed2d750..74486660fe65c3d486980219d1f054c516eae618 100644 (file)
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -503,9 +503,9 @@ HTTP header/value expected by Django, eg `'["HTTP_X_FORWARDED_PROTO", "https"]'`
 
 `PAPERLESS_EMAIL_CERTIFICATE_FILE=<path>`
 
-: Configures an additional SSL certificate file containing a [combined key and certificate](https://docs.python.org/3/library/ssl.html#combined-key-and-certificate) file
-for validating SSL connections against mail providers. This is for use with self-signed certificates against
-local IMAP servers.
+: Configures an additional SSL certificate file containing a [certificate](https://docs.python.org/3/library/ssl.html#certificates)
+or certificate chain which should be trusted for validating SSL connections against mail providers.
+This is for use with self-signed certificates against local IMAP servers.
 
     Defaults to None.
 

diff --git a/src/paperless_mail/mail.py b/src/paperless_mail/mail.py
index fd66ac91d2f703d5a139c966a706b655d0c7726c..8b41ebacf74b57cc397c743804bf9e6ff5a5e9ad 100644 (file)
--- a/src/paperless_mail/mail.py
+++ b/src/paperless_mail/mail.py
@@ -397,7 +397,7 @@ def get_mailbox(server, port, security) -> MailBox:
     """
     ssl_context = ssl.create_default_context()
     if settings.EMAIL_CERTIFICATE_FILE is not None:  # pragma: nocover
-        ssl_context.load_cert_chain(certfile=settings.EMAIL_CERTIFICATE_FILE)
+        ssl_context.load_verify_locations(cafile=settings.EMAIL_CERTIFICATE_FILE)
 
     if security == MailAccount.ImapSecurity.NONE:
         mailbox = MailBoxUnencrypted(server, port)