On Mon, 22 Sep 2003, Calum Mackay wrote:
> diz # /usr/sbin/exim4 -C /var/lib/exim4/config.autogenerated -bd -q10m
> -d-all+tls
>
> but didn't get very much in the way of cert debugging:
> 6644 Process 6644 is ready for new message
> 6644 initializing GnuTLS as a server
Aha! GnuTLS. That explains some things. I'm using OpenSSL, where there
is apparently more debugging. I see this:
20629 Process 20629 is ready for new message
20629 tls_certificate file /home/ph10/exim4/AutoTest/aux/cert1
20629 tls_privatekey file /home/ph10/exim4/AutoTest/aux/cert1
20629 Initialized TLS
20629 Calling SSL_accept
20629 SSL info: before/accept initialization
20629 SSL info: before/accept initialization
20629 SSL info: SSLv3 read client hello A
20629 SSL info: SSLv3 write server hello A
20629 SSL info: SSLv3 write certificate A
20629 SSL info: SSLv3 write certificate request A
20629 SSL info: SSLv3 flush data
20629 SSL info: SSLv3 read client certificate B
20629 SSL info: SSLv3 read client certificate B
20629 SSL info: SSLv3 read client certificate B
I'm really not at all "up" in GnuTLS. The original code was contributed.
I tidied it up and tested it, but I don't know if there's any more
debugging that can be turned on. Is there anybody on this list more
clueful about GnuTLS???
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book