------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1397
--- Comment #4 from Wolfgang Breyha <wbreyha@???> 2013-10-15 10:43:53 ---
(In reply to comment #3)
> In the meantime, if ECDHE matters then I suggest using GnuTLS with Exim and
> providing the control options via the Priority String which can be given in
> Exim's `tls_require_ciphers` option.
I used GnuTLS until 4.82_RC1.
The problem I've with GnuTLS is that since the addition of a single call to the
PKCS#11 suite in exim GnuTLS MUST have p11-kit support compiled in. On
RHEL/CentOS 5 this is nearly impossible ending up with dependencies to ...
openssl. That means that exim-4.82 breaks GnuTLS support on all these older
plattforms.
That's why I changed back to openssl building custom 1.0.1e RPMs. And since
every other server with SSL support, like apache, nginx, dovecot, ... added
ECDH support in that way I did it as well.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
