-
std-odoo authored
PURPOSE ======= We want to be able to authenticate our servers with a certificate for the entire domain name instead of using a username and a password. SPECIFICATIONS ============== Add 2 fields on the `ir.mail_server`, which are - the SSL certificate - the SSL private key When we uploaded both files, we use them to authenticate the client of the SSL connection. Add 2 options on the Odoo binary, so we can provide the filenames of both files (like we do for the SMTP username/password). SETTINGS ======== Note that this type of authentication doesn't work locally for Microsoft office 365. It seems like Microsoft is blocking non-static IP address (not able to ping the host locally, but it works on the server). The host name of the server is defined in the MX DNS record. Then, on Office 365 you must create an SMTP relay based on a certificate and not based on a hard coded IP address. The certificate must be valid for your domain name. e.g. Host: openerp-org.mail.protection.outlook.com Port: 25 Username: <keep it blank> Password: <keep it blank> Security: STARTTLS Email: admin@odoobe.com New Python dependence ===================== The standard SSL python library only takes a filename to the certificate / private key. But, we do not want to use attachments and take the full path to the file (in the filestore) or to create temporary file. So, we need to use a new library "PyOpenSSL" which allows you to load a certificate / private key from a byte array. To make this library work with SMTPLIB we use a wrapper developed in urllib3 (PyOpenSSLContext). LINKS ===== Task-2367946 odoo/odoo#61853 odoo/upgrade#1903std-odoo authoredPURPOSE ======= We want to be able to authenticate our servers with a certificate for the entire domain name instead of using a username and a password. SPECIFICATIONS ============== Add 2 fields on the `ir.mail_server`, which are - the SSL certificate - the SSL private key When we uploaded both files, we use them to authenticate the client of the SSL connection. Add 2 options on the Odoo binary, so we can provide the filenames of both files (like we do for the SMTP username/password). SETTINGS ======== Note that this type of authentication doesn't work locally for Microsoft office 365. It seems like Microsoft is blocking non-static IP address (not able to ping the host locally, but it works on the server). The host name of the server is defined in the MX DNS record. Then, on Office 365 you must create an SMTP relay based on a certificate and not based on a hard coded IP address. The certificate must be valid for your domain name. e.g. Host: openerp-org.mail.protection.outlook.com Port: 25 Username: <keep it blank> Password: <keep it blank> Security: STARTTLS Email: admin@odoobe.com New Python dependence ===================== The standard SSL python library only takes a filename to the certificate / private key. But, we do not want to use attachments and take the full path to the file (in the filestore) or to create temporary file. So, we need to use a new library "PyOpenSSL" which allows you to load a certificate / private key from a byte array. To make this library work with SMTPLIB we use a wrapper developed in urllib3 (PyOpenSSLContext). LINKS ===== Task-2367946 odoo/odoo#61853 odoo/upgrade#1903
This project manages its dependencies using pip.
Learn more