mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-31 19:46:42 +00:00
Code Issues 32 Releases Wiki Activity

Refs 35653 -- Clarified docs for EMAIL_SSL_CERTFILE and EMAIL_SSL_KEYFILE settings.

Browse Source
This commit is contained in:
Igor Scheller 2025-01-21 23:34:23 +01:00 committed by GitHub
parent 862b7f98a0
commit 136a1e8927
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
docs/ref/settings.txt
View File

@ -1502,9 +1502,24 @@ exclusive, so only set one of those settings to ``True``.
Default: ``None`` Default: ``None``
If :setting:`EMAIL_USE_SSL` or :setting:`EMAIL_USE_TLS` is ``True``, you can If :setting:`EMAIL_USE_SSL` or :setting:`EMAIL_USE_TLS` is ``True`` and the
optionally specify the path to a PEM-formatted certificate chain file to use secure connection to the SMTP server requires client authentication, use this
for the SSL connection. setting to specify the path to a PEM-formatted certificate chain file, which
must be used in conjunction with :setting:`EMAIL_SSL_KEYFILE`.
``EMAIL_SSL_CERTFILE`` should not be used with a self-signed server certificate
or a certificate from a private certificate authority (CA). In such cases, the
server's certificate (or the root certificate of the private CA) should be
installed into the system's CA bundle. This can be done by following
platform-specific instructions for installing a root CA certificate,
or by using OpenSSL's ``SSL_CERT_FILE`` or ``SSL_CERT_DIR`` environment
variables to specify a custom certificate bundle (if modifying the system
bundle is not possible or desired).
For more complex scenarios, the SMTP
:class:`~django.core.mail.backends.smtp.EmailBackend` can be subclassed to add
root certificates to its ``ssl_context`` using
:meth:`python:ssl.SSLContext.load_verify_locations`.
.. setting:: EMAIL_SSL_KEYFILE .. setting:: EMAIL_SSL_KEYFILE
@ -1514,8 +1529,8 @@ for the SSL connection.
Default: ``None`` Default: ``None``
If :setting:`EMAIL_USE_SSL` or :setting:`EMAIL_USE_TLS` is ``True``, you can If :setting:`EMAIL_USE_SSL` or :setting:`EMAIL_USE_TLS` is ``True``, you can
optionally specify the path to a PEM-formatted private key file to use for the optionally specify the path to a PEM-formatted private key file for client
SSL connection. authentication of the SSL connection along with :setting:`EMAIL_SSL_CERTFILE`.
Note that setting :setting:`EMAIL_SSL_CERTFILE` and :setting:`EMAIL_SSL_KEYFILE` Note that setting :setting:`EMAIL_SSL_CERTFILE` and :setting:`EMAIL_SSL_KEYFILE`
doesn't result in any certificate checking. They're passed to the underlying SSL doesn't result in any certificate checking. They're passed to the underlying SSL