[Users] Oauth2 not working with Microsoft Exchange

Michael Rasmussen mir at miras.org
Mon Oct 10 15:55:48 UTC 2022 

Hi Poul,

On Mon, 10 Oct 2022 16:44:52 +0200
Paul Rolland <rol at witbe.net> wrote:

> Just did the "click the Authorise button" with --debug in the hope to
> have more details, and here is what I have :
> 

It is a local problem with you since the tls handshake fails

> ....
> oauth2.c:327:Complete body:
> client_id=0a..........261I&redirect_uri=http://127.0.0.1:8888&grant_type=authorization_code&tenant=common&scope=offline_access
> https://outlook.office.com/IMAP.AccessAsUser.All
> https://outlook.office.com/POP.AccessAsUser.All
> https://outlook.office.com/SMTP.Send socket.c:1278:Unexpected TLS
> read result -110 ** Message: 16:39:54.915: OAuth2 access token not
> obtained
> 

but:
gnutls-cli outlook.office.com 
Processed 130 CA certificate(s).
Resolving 'outlook.office.com:443'...
Connecting to '52.98.152.242:443'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
 - subject `CN=outlook.com,O=Microsoft
Corporation,L=Redmond,ST=Washington,C=US', issuer `CN=DigiCert Cloud
Services CA-1,O=DigiCert Inc,C=US', serial
0x0f12dc8955821d6d936bcf34e50f60c5, RSA key 2048 bits, signed using
RSA-SHA256, activated `2022-07-26 00:00:00 UTC', expires `2023-07-25
23:59:59 UTC',
pin-sha256="hYIYVod2peTtX9OrKIgZ+YxOL5lzf/9pB0R3nPxw4Vw=" Public Key
ID: sha1:66b0a2d60cc00948cc7fb5564d345f037ea061be
sha256:858218568776a5e4ed5fd3ab288819f98c4e2f99737fff690744779cfc70e15c
Public Key PIN: pin-sha256:hYIYVod2peTtX9OrKIgZ+YxOL5lzf/9pB0R3nPxw4Vw=

- Certificate[1] info:
 - subject `CN=DigiCert Cloud Services CA-1,O=DigiCert Inc,C=US',
  issuer `CN=DigiCert Global Root CA,OU=www.digicert.com,O=DigiCert
  Inc,C=US', serial 0x0f171a48c6f223809218cd2ed6ddc0e8, RSA key 2048
  bits, signed using RSA-SHA256, activated `2020-09-25 00:00:00 UTC',
  expires `2030-09-24 23:59:59 UTC',
  pin-sha256="UgpUVparimk8QCjtWQaUQ7EGrtrykc/L8N66EhFY3VE="
- Status: The certificate is trusted. 
- Description:
  (TLS1.3-X.509)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-256-GCM)
- Session ID:
  CE:C6:23:78:BB:04:48:8F:AC:AA:B5:D5:96:7A:A7:64:B0:0D:BD:4C:02:CF:08:68:83:69:8E:7D:37:FA:60:23
- Options: OCSP status request,
- Handshake was completed

Until you sort that out you will never get a ticket.

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael <at> rasmussen <dot> cc
https://pgp.key-server.io/pks/lookup?search=0xD3C9A00E
mir <at> datanom <dot> net
https://pgp.key-server.io/pks/lookup?search=0xE501F51C
mir <at> miras <dot> org
https://pgp.key-server.io/pks/lookup?search=0xE3E80917
--------------------------------------------------------------

'During times of universal deceit, telling the truth becomes a
revolutionary act.' -George Orwell

/usr/games/fortune -es says:
Not drinking, chasing women, or doing drugs won't make you live longer
-- it just seems that way.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.claws-mail.org/pipermail/users/attachments/20221010/9ff4087e/attachment.sig>

More information about the Users mailing list