Re: [Exim] TLS and certificate chains

Top Page
Delete this message
Reply to this message
Author: Sheldon Hearn
Date:  
To: exim-users
CC: John Holman
Subject: Re: [Exim] TLS and certificate chains

On Wed, 03 Apr 2002 17:16:37 +0100, Philip Hazel wrote:

> Now, you don't have a self-signed certificate, but this commentary
> suggests that you have to have a GlobalSign certificate installed as a
> CA on your host. No, I don't know the details of how to do this...


If you have the GlobalSign root CA installed on the client, but require
additional certificates in the chain, I think you're screwed when it
comes to Exim.

I ended up creating my own CA and requiring my SMTP relay clients to
install it on their systems. This eliminates the need for any chaining.

Ciao,
Sheldon.