[exim-dev] [Bug 1457] New: Provide keyword to set certificat…

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Ralf G R Bergs
日付:  
To: exim-dev
題目: [exim-dev] [Bug 1457] New: Provide keyword to set certificate chain
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1457
           Summary: Provide keyword to set certificate chain
           Product: Exim
           Version: N/A
          Platform: Other
        OS/Version: All
            Status: ASSIGNED
          Keywords: work:tiny
          Severity: wishlist
          Priority: medium
         Component: TLS
        AssignedTo: pdp@???
        ReportedBy: Ralf-Exim@???
                CC: exim-dev@???



I know about the following:

<quote>
The file named by tls_certificate may contain more than one certificate. This
is useful in the case where the certificate that is being sent is validated by
an intermediate certificate which the other end does not have.
</quote>

But it would be more convenient to have a directive like e.g.
"tls_certificate_chain" that allowed you to specify just the intermediate
certificates, because that would ease updating the server certificate. You
would just drop in the new server cert when the old one has expired, and
presto!

Currently you always have to concat the server and the intermediate certs,
while most other SSL servers can read them from different files (e.g. Apache).


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email