From df82ac8ac41138752d3fdeb2cd1074b120843a2f Mon Sep 17 00:00:00 2001
From: Trenton H <797416+stumpylog@users.noreply.github.com>
Date: Wed, 23 Aug 2023 07:28:36 -0700
Subject: [PATCH] Adjusts to use a different loading of certificates and
 updates the docs for it

---
 docs/configuration.md      | 6 +++---
 src/paperless_mail/mail.py | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/configuration.md b/docs/configuration.md
index 13e628151..74486660f 100644
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -503,9 +503,9 @@ HTTP header/value expected by Django, eg `'["HTTP_X_FORWARDED_PROTO", "https"]'`
 
 `PAPERLESS_EMAIL_CERTIFICATE_FILE=<path>`
 
-: Configures an additional SSL certificate file containing a [combined key and certificate](https://docs.python.org/3/library/ssl.html#combined-key-and-certificate) file
-for validating SSL connections against mail providers. This is for use with self-signed certificates against
-local IMAP servers.
+: Configures an additional SSL certificate file containing a [certificate](https://docs.python.org/3/library/ssl.html#certificates)
+or certificate chain which should be trusted for validating SSL connections against mail providers.
+This is for use with self-signed certificates against local IMAP servers.
 
     Defaults to None.
 
diff --git a/src/paperless_mail/mail.py b/src/paperless_mail/mail.py
index fd66ac91d..8b41ebacf 100644
--- a/src/paperless_mail/mail.py
+++ b/src/paperless_mail/mail.py
@@ -397,7 +397,7 @@ def get_mailbox(server, port, security) -> MailBox:
     """
     ssl_context = ssl.create_default_context()
     if settings.EMAIL_CERTIFICATE_FILE is not None:  # pragma: nocover
-        ssl_context.load_cert_chain(certfile=settings.EMAIL_CERTIFICATE_FILE)
+        ssl_context.load_verify_locations(cafile=settings.EMAIL_CERTIFICATE_FILE)
 
     if security == MailAccount.ImapSecurity.NONE:
         mailbox = MailBoxUnencrypted(server, port)