On 04/19/2016 08:03 PM, Jeremy Harris wrote: > On 18/04/16 17:29, Exim Users wrote:
>> i see a lot of " SSL verify error" with "certificate has expired"
>>
>> like:
>>
>> 2016-04-08 05:09:02 [1284] [91.151.213.114] SSL verify error: depth=0
>> error=certificate has expired
>
>> Is there a variable inside exim to match with a reject
> Assuming a recent-enough Exim version...
>
> Yes. You'll need to run a certextract expansion, feeding it
> $tls_in_peercert and requesting the "notafter" field:
>
> ${certextract {notafter} {$tls_in_peercert}}
>
> See the docs for details:
>
> http://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpvar > That is exactly what i was looking for.
Thank you