Author: Chris Edwards Date: To: exim-dev Subject: Re: [exim-dev] [Bug 786] tls_verify_hosts not verifying X509 signed
from Outlook 2007
On Tue, 2 Dec 2008, jwexler@??? wrote:
| Outlook appears to send the server certificate that I loaded in
| Outlook's trusted center.
That's very strange.
Normally, a *server* certificate is sent from the server to the client, to
help the client to authenticate the server.
In some situations, the server requires the client to supply a *client*
certifiate, to help the server authenticate the client. This seems to be
what you're after. But as Andreas says, I've no idea if/how you can make
outlook supply a *client* certificate.
However, you mention outlook sending a *server* certificate. This sounds
odd - there is no point in sending a server certificate *to* the server.
Recall that the server certificate is essentially public. Anyone who can
send packets to the server can trivially download it.