Re: [exim] STARTTLS fails

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-users
Subject: Re: [exim] STARTTLS fails
Daniel Tiefnig <exim@???> wrote:
> Marc Sherman wrote:
>> On debian, iif gnutls-bin is installed, it changes the way it
>> regenerates the encryption params to do a way that does not cause
>> Exim to block.


> Could you be a little bit more verbose on this? What exactly is changed?
> I assume this is something debian-specific hacked into exim? Couldn't
> track it in the patches, though.


No Debian specific changes to exim's sourcecode. We are just using
certtool from gnutls (or since recently alternativel openssl) to
re-generate rsa and dh-params offline in the cronjob, instead of
removing them and letting the exim-daemon handle the regeneration when
STARTTLS is used.
cu andreas

<http://svn.debian.org/wsvn/pkg-exim4/exim/trunk/debian/exim4_refresh_gnutls-params?op=file&rev=0&sc=0>
-- 
The 'Galactic Cleaning' policy undertaken by Emperor Zhark is a personal
vision of the emperor's, and its inclusion in this work does not constitute
tacit approval by the author or the publisher for any such projects,
howsoever undertaken.                                (c) Jasper Ffforde