Re: [exim] TLS "certificate and the given key do not match"

Top Page
Delete this message
Reply to this message
Author: Nikos Mavrogiannopoulos
Date:  
To: David Woodhouse
CC: Exim-users, Steve Madsen
Subject: Re: [exim] TLS "certificate and the given key do not match"
On Mon, Jul 22, 2013 at 1:02 PM, David Woodhouse <dwmw2@???> wrote:
>> Graeme, thanks for the push towards GNU TLS. There was just enough
>> chatter about how GNU TLS is more strict than OpenSSL for me to
>> ultimately discover the root cause.
> Have you reported this as a bug upstream to GnuTLS? If OpenSSL accepts
> these certs then it would seem sensible for GnuTLS to do so.
> If *not*, then you end up with GnuTLS being suboptimal as a replacement
> for OpenSSL for projects like Exim, because it doesn't let us remain
> backward-compatible with existing setups.


Hello,
I think that issue should be applicable to the 2.12.x series of
gnutls, not the 3.x which has quite several compatibility
improvements.

regards,
Nikos