On 18/04/16 17:29, Exim Users wrote:
> i see a lot of " SSL verify error" with "certificate has expired"
>
> like:
>
> 2016-04-08 05:09:02 [1284] [91.151.213.114] SSL verify error: depth=0
> error=certificate has expired
>Is there a variable inside exim to match with a reject
Assuming a recent-enough Exim version...
Yes. You'll need to run a certextract expansion, feeding it
$tls_in_peercert and requesting the "notafter" field:
${certextract {notafter} {$tls_in_peercert}}
See the docs for details:
http://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpvar
--
Cheers,
Jeremy
