Guillermo Llenas wrote:
|
|
| Hi all,
|
|
| I 've compiled exim with tls/ssl support. I generated the self signed
| ceritificate and Host key/par. (ca.key {ca.csr} and ca.crt)
| Then added the lines in exim.conf to make it work. Everything fine
| until this: if i use " tls_try_verify_hosts = * " , I can send and
| receive emails without any problem, all using ssl.
|
congratulations, maybe you could help me on linux basics ;), ill help
you on crypto sw:
| 17:01:02 12431 SSL info: SSLv3 read client certificate B
| 17:01:02 12431 SSL info: SSLv3 read client certificate B
| 17:01:02 12431 SSL info: SSLv3 read client certificate B
| 17:01:02 12431 LOG: MAIN
| 17:01:02 12431 TLS error on connection from (interjhxbcokee)
| [200.117.243.64]:4788 (SSL_accept): error:140890C7:SSL
| routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
|
if theres no other issue with your confs, the peer ISNT configured
properly to handle cert requests, the log says it.
maybe the peer checks your self-signed, doesnt find a root ca for it and
then cancels your request. mine is from cacert.org.
- ----
could you pls verify that ive proper unix file access set up?
i got an issue with groups on another debian sarge box:
even if a file set to
- -rw-r----- root video , as user of group video i cannot access that
file, is that normal? (see pls my last post, too)
tom3:~# ls -Rl /etc/ssl
/etc/ssl:
total 20
drwxr-xr-x 2 root root 8192 Jul 21 18:47 certs
- -rw------- 1 root root 7659 Jul 21 00:42 openssl.cnf
drwxr-x--- 2 root Debian-exim 4096 Jul 21 18:41 private
- -rw-r--r-- 1 root root 89566 Jul 21 18:47
ca-certificates.crt
- -rw-r--r-- 1 root root 86997 Jul 21 18:47
ca-certificates.crt~
- -rw-r--r-- 1 root root 2569 Jul 21 18:41 cacert.crt
- -rw-r--r-- 1 root Debian-exim 1893 Jul 21 01:04
cacertorg-sddk.cer
- -r--r----- 1 root Debian-exim 887 Jul 21 01:17
cacertorg-sddk.key
- -r--r----- 1 root Debian-exim 963 Jul 21 00:52
cacertorg-sddk.pem
than you,
tom
