Re: [exim] SSL cert depending on hello string ?

Top Page
Delete this message
Reply to this message
Author: Jan Ingvoldstad
Date:  
To: exim users
Subject: Re: [exim] SSL cert depending on hello string ?
On Wed, May 27, 2015 at 7:11 PM, Andreas Metzler <eximusers@???> wrote:

> Cyborg <cyborg2@???> wrote:
> > Hi guys,
>
> > did anyone ever tried to extend the SMTP protocol to something like this
> ?
>
> > HELO clienthostname
> > 250 OK
> > HOST maildomain.de
> > 250 OK
> > STARTTLS
> > ....
> > and getting the correct certificate for this domain ?
>
> > This way authentication could be done together with encryption, instead
> > of encryption only.
>
> That's what SNI is for, isn't it?
>


Yes, SNI is there so you don't have to do the above.

Cyborg: See also
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html


--
Jan