imapclient error on Windows

Question

Environment that I'm having trouble on: Python 2.7.11 on Windows10 (patched up to date). Python installed via a msi. I've checked PATH settings in settings, and it's set to c:\Python27.

This works on Mac:

from imapclient import IMAPClient

IMAPClient("imap-mail.outlook.com", use_uid=True, ssl=(True))

But on Windows, if barfs like so:

Traceback (most recent call last):
  File "test_outlook_imap.py", line 3, in <module>
    IMAPClient("imap-mail.outlook.com", use_uid=True, ssl=(True))
  File "C:\Python27\lib\site-packages\imapclient\imapclient.py", line 152, in     __init__
    self._imap = self._create_IMAP4()
  File "C:\Python27\lib\site-packages\imapclient\imapclient.py", line 164, in _create_IMAP4
    self._timeout)
  File "C:\Python27\lib\site-packages\imapclient\tls.py", line 153, in __init__
    imaplib.IMAP4.__init__(self, host, port)
  File "C:\Python27\lib\imaplib.py", line 173, in __init__
    self.open(host, port)
  File "C:\Python27\lib\site-packages\imapclient\tls.py", line 159, in open
    self.sock = wrap_socket(sock, self.ssl_context, host)
  File "C:\Python27\lib\site-packages\imapclient\tls.py", line 126, in wrap_socket
    ssl_context = create_default_context()
  File "C:\Python27\lib\site-packages\imapclient\tls.py", line 109, in     create_default_context
    context.load_verify_locations(cadata=certs)
  File "C:\Python27\lib\site-packages\backports\ssl\core.py", line 654, in     load_verify_locations
    self._ctx.load_verify_locations(cafile, capath)
  File "C:\Python27\lib\site-packages\OpenSSL\SSL.py", line 528, in load_verify_locations
    _raise_current_error()
  File "C:\Python27\lib\site-packages\OpenSSL\_util.py", line 48, in     exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: []

Is this to do with Window's handling of certificate chains?

Incidentally, it does the same for imap.gmail.com in the place of the Outlook domain.

Answer 1

This is not a final answer, but the work around that I've found is to uninstall imapclient and install an older version. Version 0.13 (and 0.11) worked for me, however after upgrading to 1.0.1 I got the same error message that you posted.

To uninstall imapclient with pip, run:

pip uninstall imapclient

To install the older 0.13 version with pip, run:

pip install imapclient==0.13

To verify the version of imapclient, from the interactive shell run:

>>> import imapclient >>> imapclient.__version__

Answer 2

Here's a workaround that worked for me (Python 3.5, Windows 10), and which doesn't require downgrading:

from backports import ssl
from imapclient import IMAPClient

context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)

server = IMAPClient('imap.gmail.com', ssl=True, ssl_context=context)

The above code was derived from the developer's workaround here, but I found I only needed the one line defining context to make it work. Specifying other SSL/TLS protocols also worked.

Update: This bug should be fixed as of IMAPClient 2.x