Re: [Exim] 2 SSL questions

Top Pagina
Deze boodschap maakt deel uit van devolgende draad:
Mde volledige draad-boom gesorteerd op datum
MMatthew Byng-Maddick op <-
M 
Delete this message
Reply to this message
Auteur: Matt Bernstein
Datum:  
Aan: Matthew Byng-Maddick
CC: exim-users
Onderwerp: Re: [Exim] 2 SSL questions
At 23:34 +0100 Matthew Byng-Maddick wrote:

>On Sun, Aug 18, 2002 at 10:40:40PM +0100, Matt Bernstein wrote:
>> I think you might misunderstand how certificates "and all that" work. The
>> client may offer a certificate, if requested, and the server may verify it
>> if it knows about a CA which has signed it. But, even though I've got it
>> to work, I'm no expert! Try the references the Exim spec points to.
>
>Unless exim 4's certificate verification calls have changed, it didn't
>deal with CAs directly, just with copies of the certificate. (either in
>a hashed directory or in a single file). (god, openssl is horrid).

Well, I certainly have certificates the Exim server has never seen being
verified by same server. So..

tls_verify_certificates = /etc/exim/DCS_CA_file.pem

..does the trick for us. So I guess that patch went in! (It so happens
that I only started looking at this in detail relatively recently.)



Deze boodschap werd naar devolgende mailinglijsten gestuurd:
Exim-users
Mailing Lijst Info | Nabije Berichten		<-Re: [Exim] 2 SSL questions[Exim] amavis / spamassassin - another neat trick....->
Tahini and Hummus and Cumin Development Archives beheerd door cumin AdminsLurker (versie 2.3)