[exim] Getting Exim to Verify Remote Server's Certificate's …

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Andri
Dátum:  
Címzett: exim-users
Tárgy: [exim] Getting Exim to Verify Remote Server's Certificate's CN and TLS Patches
Hey,

I've been unsuccessful at getting Exim to verify the remote server's
certificate correctly and searches have lead me to an old[1] patch[2]
that seems the answer to these issues. Considering Exim's progress, the
patches probably require a decent overview in addition to just making
them patchable.

[1]
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20020909/msg00092.html
[2]
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20020916/043849.html)

The only built-in way I've found is tls_verify_certificates under a
transport, but that won't notice not-matching common names, and putting
a specific server's cert there just makes Exim fail with unverified cert
errors. Though the Root CA + CN approach seems more manageable.

Has anyone updated the patches or knows an alternative way of verifying
CN's?


Thank you in advance!

Andri