Re: [exim] Wildcard certs

Góra strony
Delete this message
Reply to this message
Autor: Ryan Tracey
Data:  
CC: Exim users list
Temat: Re: [exim] Wildcard certs
Hi

>>I have a wildcard cert installed on obiwan.thawte.com. Give it a shot.
>>Thawte's production servers, which still run exim3, seem to be TLSing to the
>>exim4 box just fine. The logs show no errors for other tls hosts so far.
>
>
> Are you using wildcard certs with MUAs? They often have really shoddy
> protocol implementations.


No, sadly, and internally, at least mail clients speak to the exchange box, which in turn speaks to the mail gateway with the wildcard cert.

I'll see about some testing for that.

Cheers,
Ryan

p.s. I see from the mail logs that postini seems to be using a wildcard cert. Not one of ours, though:

paveway:/etc/exim4# openssl s_client -connect corp.idt.net.mail5.psmtp.com:25 -tls1 -starttls smtp
CONNECTED(00000003)
...cut...

Certificate chain
0 s:/C=US/ST=California/L=Redwood City/O=Postini, Inc./OU=PSMTP/CN=*.psmtp.com
i:/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority

...cut...