Author: Sheldon Hearn Date: To: exim-users CC: John Holman Subject: Re: [Exim] TLS and certificate chains
On Wed, 03 Apr 2002 17:16:37 +0100, Philip Hazel wrote:
> Now, you don't have a self-signed certificate, but this commentary
> suggests that you have to have a GlobalSign certificate installed as a
> CA on your host. No, I don't know the details of how to do this...
If you have the GlobalSign root CA installed on the client, but require
additional certificates in the chain, I think you're screwed when it
comes to Exim.
I ended up creating my own CA and requiring my SMTP relay clients to
install it on their systems. This eliminates the need for any chaining.