Re: [exim] Advertising TLS

Góra strony
Delete this message
Reply to this message
Autor: Ian Eiloart
Data:  
Dla: Jon Gerdes
CC: exim-users@exim.org
Temat: Re: [exim] Advertising TLS

> On 3 Nov 2015, at 14:52, Jon Gerdes <gerdesj@???> wrote:
>
> Generating a self signed certificate at install time could be fraught
> with problems: what if there is an insecure OpenSSL/LibreSSL/whatever
> library installed and used?


Rather than use a self-signed certificate, why not use LetsEncrypt.org to get a free domain bound certificate with widespread trust anchors? 
    https://letsencrypt.org/getinvolved/

They’ve expressed an interest in getting an Exim plugin to assist with creation and deployment of certificates. The plugins help prove domain ownership and then install the certificate.

https://community.letsencrypt.org/t/what-are-plugins-used-for/74

-- 
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148