Re: [exim] Wildcard certs

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Ryan Tracey
日付:  
CC: Exim users list
題目: Re: [exim] Wildcard certs
Hi

>>I have a wildcard cert installed on obiwan.thawte.com. Give it a shot.
>>Thawte's production servers, which still run exim3, seem to be TLSing to the
>>exim4 box just fine. The logs show no errors for other tls hosts so far.
>
>
> Are you using wildcard certs with MUAs? They often have really shoddy
> protocol implementations.


No, sadly, and internally, at least mail clients speak to the exchange box, which in turn speaks to the mail gateway with the wildcard cert.

I'll see about some testing for that.

Cheers,
Ryan

p.s. I see from the mail logs that postini seems to be using a wildcard cert. Not one of ours, though:

paveway:/etc/exim4# openssl s_client -connect corp.idt.net.mail5.psmtp.com:25 -tls1 -starttls smtp
CONNECTED(00000003)
...cut...

Certificate chain
0 s:/C=US/ST=California/L=Redwood City/O=Postini, Inc./OU=PSMTP/CN=*.psmtp.com
i:/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority

...cut...