[exim] Getting Exim to Verify Remote Server's Certificate's …

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Delete this message
Reply to this message
Author: Andri
Date:  
To: exim-users
Subject: [exim] Getting Exim to Verify Remote Server's Certificate's CN and TLS Patches
Hey,

I've been unsuccessful at getting Exim to verify the remote server's
certificate correctly and searches have lead me to an old[1] patch[2]
that seems the answer to these issues. Considering Exim's progress, the
patches probably require a decent overview in addition to just making
them patchable.

[1]
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20020909/msg00092.html
[2]
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20020916/043849.html)

The only built-in way I've found is tls_verify_certificates under a
transport, but that won't notice not-matching common names, and putting
a specific server's cert there just makes Exim fail with unverified cert
errors. Though the Root CA + CN approach seems more manageable.

Has anyone updated the patches or knows an alternative way of verifying
CN's?


Thank you in advance!

Andri


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] How to Flush mails older than 4 days...help !!Re: [exim] sender verification->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)