Re: [Exim] TLS: no luck with verifying clients

Góra strony
Delete this message
Reply to this message
Autor: Richard Gration
Data:  
Dla: Calum Mackay
CC: exim-users
Temat: Re: [Exim] TLS: no luck with verifying clients
[ Sorry, used the wrong email address last time. ]

Calum Mackay wrote:
> Octo Mancer wrote:
>
>> Have you checked that the cert wasn't mangled somewhere in transmission?
>> If it was ever opened on a windows machine, or ftp'ed by windows
>> software, I'd check that the newlines (if any) haven't been translated
>> to \r\n, and that the formats of the cert files are compatible. This is
>> a common problem when setting up ssh access from windows machines ...
>
>
> Thanks; I think it's OK, since it was emailed to be direct from the
> client's system - which runs Linux - as an attachment.
>
> Are there any useful openssl runes to check the format of the cert at my
> end?


man s_server
man s_client

These are supplied with openssl and simulate a SSL/TLS aware server or
client. At the very least you could use one or the other to parse the
certificate you have. I've never done anything like this so I'm afraid I
can't help you more than this, but from a skim of the manpages it looks
like these could rule out (or reveal) several different problems.

Rick