since updating to Ubuntu 20.4 from 18.4 I can no longer access one of my email addresses
import imaplib
imap = imaplib.IMAP4_SSL('<my_email_server>')
aborts with the error message
ssl.SSLError: [SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1108)
With Ubuntu 18.4 this works fine. It seems this is caused by a newer OpenSSL library.
On the server side I can't do anything about it. Is there a way within Python to override this setting to accept the existing key?
Update: I tried messing with the OpenSSL settings as described here: - https://askubuntu.com/questions/1231844/ssl-sslerror-ssl-dh-key-too-small-dh-key-too-small-ssl-c1108 - https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level without success.
This was solved in this question
The solution is to add
context.set_ciphers('DEFAULT@SECLEVEL=1')
to the ssl context. And log in like this
import imaplib
import ssl
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
context.set_ciphers('DEFAULT@SECLEVEL=1')
imap = imaplib.IMAP4_SSL('MYSERVER_REMOVED>, ssl_context=context, port=993)
imap.login('<USER_REMOVED>','<PASSWORD_REMOVED>')
There's also a more global approach in this discussion