Re: [exim] SSL verify error / certificate has expired

Top Page
Delete this message
Reply to this message
Author: Torsten Tributh
Date:  
To: exim-users
Subject: Re: [exim] SSL verify error / certificate has expired


On 04/19/2016 08:03 PM, Jeremy Harris wrote:
> On 18/04/16 17:29, Exim Users wrote:
>> i see a lot of " SSL verify error" with "certificate has expired"
>>
>> like:
>>
>> 2016-04-08 05:09:02 [1284] [91.151.213.114] SSL verify error: depth=0
>> error=certificate has expired
>
>> Is there a variable inside exim to match with a reject
> Assuming a recent-enough Exim version...
>
> Yes. You'll need to run a certextract expansion, feeding it
> $tls_in_peercert and requesting the "notafter" field:
>
> ${certextract {notafter} {$tls_in_peercert}}
>
> See the docs for details:
>
> http://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpvar
>

That is exactly what i was looking for.
Thank you

--
Torsten