Google appears to update it’s SSL cert nightly which breaks my fetch mail script nightly as well. Here’s a simple python script in case this happens to you!
import ssl
import socket
import hashlib
import sys
addr = 'imap.gmail.com'
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(1)
wrappedSocket = ssl.wrap_socket(sock)
try:
wrappedSocket.connect((addr, 993))
except:
response = False
else:
der_cert_bin = wrappedSocket.getpeercert(True)
pem_cert = ssl.DER_cert_to_PEM_cert(wrappedSocket.getpeercert(True))
#print(pem_cert)
#Thumbprint
thumb_md5 = hashlib.md5(der_cert_bin).hexdigest()
#print("MD5: " + thumb_md5)
wrappedSocket.close()
cnt = 0
thumb_md5_d = ''
for letter in thumb_md5:
if cnt%2 == 0 and cnt!=0:
thumb_md5_d += ':'
thumb_md5_d += letter
cnt += 1
thumb_md5_d = thumb_md5_d.upper()
infile = "//home//user//fetchmailrc.tmp"
text = open(infile)
outfile = open('/etc/fetchmailrc', 'w')
outfile.truncate()
textToSearch = 'GOOGLE_FINGERPRINT'
for line in text:
if textToSearch in line:
line = line.replace( textToSearch, thumb_md5_d )
outfile.write(line)
Where fetchmailrc.tmp is this (in addition to whatever else in your fetchmailrc):
poll imap.gmail.com protocol IMAP user "login@gmail.com" there with password "password" is blah@blah.com here nofetchall ssl sslfingerprint 'GOOGLE_FINGERPRINT'
Then you setup a cron job to run it nightly and now you’ve got up to date Google fingerprints!