Hello,
some SSL experts around? I got a "legacy" Exim (4.80), linked with GNUTLS
libgnutls.so.26 => /usr/lib/i386-linux-gnu/libgnutls.so.26, and installed new
certificates. Now we got connection problems.
A `nmap --script ssl-enum-ciphers -p T25 ...` shows:
25/tcp open smtp
| ssl-enum-ciphers:
| TLSv1.1:
| ciphers:
| TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| compressors:
|
|_ least strength: strong
I would have expected much more. Apache with the same cert has more.
Exim config doesn't mention any tls settings beside key and cert. Any
idea, what parameter I should check (Key: length, type? Signature
type?)
Connection problems: (gnutls_handshake): Could not negotiate a supported cipher suite.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
