Re: [exim] My self signed cert seems to fail with american e…

Author: Andreas Metzler
Date:  
To: exim-users
Subject: Re: [exim] My self signed cert seems to fail with american express
Marc MERLIN <marc_exim4@???> wrote:
> Two issues.


> With exim 4.80 on mail1.merlins.org, I have TLS Email working pretty
> much all the time (as far as I can tell), but I just noticed that I
> was not getting some Emails from american express.

[...]
> You are welcome to spam my Email directly to see what cert and encryption
> you get out of it, although I kind of know it already works with exim,
> gmail, and more, so the problem must be less obvious than that.

[...]

Two obvious things:
------------------------------------
*prompt* gnutls-cli -s -p 25 mail1.merlins.org
[...]
220 TLS go ahead
*** Starting TLS handshake
- Ephemeral Diffie-Hellman parameters
- Using prime: 2048 bits
- Secret key: 2046 bits
- Peer's public key: 2045 bits
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
- subject `CN=merlins.org,O=Linux Geeks Inc,L=Silicon Valley,ST=CA,C=US,DC=merlins.org', issuer `CN=merlins.org,O=Linux Geeks Inc,L=Silicon Valley,ST=CA,C=US,DC=merlins.org', RSA key 2432 bits, signed using RSA-SHA1, activated `2013-12-26 21:52:08 UTC', expires `2014-01-25 21:52:08 UTC', SHA-1 fingerprint `84548240169ce156ca56b2730726ae1b1cd4e799'
- The hostname in the certificate does NOT match 'mail1.merlins.org'
------------------------------------

------------------------------------
*prompt* openssl s_client -starttls smtp -connect mail1.merlins.org:25
[...]
verify error:num=10:certificate has expired
notAfter=Jan 25 21:52:08 2014 GMT
------------------------------------

hth, cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
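
The two checks that fail in the output above (hostname match and expiry), as an added Python example that is not part of the message or of Exim. It takes a certificate in the dict form returned by ssl.SSLSocket.getpeercert(). The sample certificate is constructed from the CN and notAfter quoted in the message; the absence of a subjectAltName and the check date are assumptions.

```python
import ssl
from datetime import datetime, timezone

def names_in_cert(cert):
    """DNS names a verifier compares against: SAN entries, else subject CN."""
    san = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if san:
        return san
    # Legacy fallback to CN; stricter verifiers only accept SAN entries.
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def host_matches(pattern, host):
    """Exact match, or a leftmost '*' label standing in for exactly one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def check_cert(cert, host, now):
    """Return a list of problems; an empty list means both checks pass."""
    problems = []
    names = names_in_cert(cert)
    if not any(host_matches(n, host) for n in names):
        problems.append(f"hostname mismatch: {host} not in {names}")
    not_after = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    if now > not_after:
        problems.append(f"expired {(now - not_after).days} days ago ({cert['notAfter']})")
    return problems

# Constructed sample: CN and notAfter copied from the output quoted above;
# no subjectAltName is assumed, since the message does not show one.
SAMPLE_CERT = {
    "subject": ((("commonName", "merlins.org"),),),
    "notAfter": "Jan 25 21:52:08 2014 GMT",
}

if __name__ == "__main__":
    # Constructed check time (not from the message), chosen to fall after expiry.
    when = datetime(2014, 3, 1, tzinfo=timezone.utc)
    for problem in check_cert(SAMPLE_CERT, "mail1.merlins.org", when):
        print(problem)
```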