Re: [exim] TLS client disconnected cleanly (rejected our ce…

Top Page
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: exim-users
Subject: Re: [exim] TLS client disconnected cleanly (rejected our certificate?) - intermediate ssl certificate problem?
On Fri, 2011-05-27 at 10:28 +0200, Arkadiusz Miskiewicz wrote:
> It's smtp-arm.beep.pl


Certificate chain
0
s:/serialNumber=tdiXH/J1u8VHpYpEC508cZVz3R-1Z8n2/C=PL/O=*.beep.pl/OU=GT58848931/OU=See www.rapidssl.com/resources/cps (c)11/OU=Domain Control Validated - RapidSSL(R)/CN=*.beep.pl
i:/C=US/O=GeoTrust, Inc./CN=RapidSSL CA
1 s:/C=US/O=GeoTrust, Inc./CN=RapidSSL CA
i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority

That all validates correctly.

The server public key is 2048 bits - are the errors being thrown by an
old client which can't cope with a key length of > 1024 bits?

As I said in my original reply, you need to look at the errors being
thrown at the client end to work out why you have these entries in your
logs. They should be reasonably instructive.

Graeme