--
man, 2002-09-09 kl. 19:15 skrev Steve Haslam:
> Have many people used Exim as a TLS-supporting server that uses
> certificate-based authentication? It's just that I'm looking at the code and
> testing things out, and it seems that Exim doesn't always require a
> certificate when I think it should (version 4.10):
Hi Steve!
Well, I do. Almost always.
> SMTP<< STARTTLS
> tls_certificate file /etc/exim/araqnid.ddts.net-rsa.crt
> tls_privatekey file /etc/exim/araqnid.ddts.net-rsa.key
> Initialised TLS
> host in tls_verify_hosts? yes (matched "*")
> SMTP>> 220 TLS go ahead
> Calling SSL_accept
This has got nothing to do wih authentication, simply TLS encryption for
TLS-encrypted smtp.
The TLS used by slapd and the auth routines (e.g AUTH PLAIN, AUTH
CRAM-MD5) does/do any necessary authentication, which is a beast of
quite another spirit and kind (see the AUTH chapter in spec.txt). The
two should not not be confused. Can/should even use completely different
certificates from the ones above.
Best,
Tony
--
Tony Earnshaw
Tha can allway tell a Yorkshireman, but tha canna tell 'im much.
e-post: tonni@???
www: http://www.billy.demon.nl
gpg public key: http://www.billy.demon.nl/tonni.armor
Telefoon: (+31) (0)172 530428
Mobiel: (+31) (0)6 51153356
GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981
3BE7B981
--
Content-Description: Dette er en digitalt signert meldingsdel
[ signature.asc of type application/pgp-signature deleted ]
--