[Exim] possible bug in cert verification

Top Page
Delete this message
Reply to this message
Author: Mark Foster
Date:  
To: exim-users
New-Topics: [Exim] socket bind() to port 25 for address (any IPv4) failed: Address already in use: waiting before trying again
Subject: [Exim] possible bug in cert verification
--
I was just doing some interopability testing with exim and tls certificates.
It appears that the $tls_certificate_verified is being set to 1 even if the
client certificate is expired. See http://test.smtp.org/ for more info.
Can anyone confirm?

2004-01-23 09:21:55 SSL verify error: depth=0 error=certificate has expired cert=/C=US/ST=California/L=Emeryville/O=test.smtp.org/CN=test.smtp.org/emailAddress=postmaster@???
2004-01-23 09:21:55 SSL verify error: depth=0 error=certificate has expired cert=/C=US/ST=California/L=Emeryville/O=test.smtp.org/CN=test.smtp.org/emailAddress=postmaster@???
2004-01-23 09:21:55 H=horsey.gshapiro.net (test.smtp.org) [64.105.95.154] Warning: verified peer dn /C=US/ST=California/L=Emeryville/O=test.smtp.org/CN=test.smtp.org/emailAddress=postmaster@???
2004-01-23 09:21:58 1Ak50F-000PIX-Th <= <> H=horsey.gshapiro.net (test.smtp.org) [64.105.95.154] P=esmtp X=TLSv1:AES256-SHA:256 DN="/C=US/ST=California/L=Emeryville/O=test.smtp.org/CN=test.smtp.org/emailAddress=postmaster@???" S=3390 id=200401231721.i0NHLpQr086509@???

--
Some days it's just not worth chewing through the restraints...
Mark Foster <mark@???> http://mark.foster.cc/

--
[ Content of type application/pgp-signature deleted ]
--