Heiko Schlittermann <hs@???> (Mi 21 Dez 2016 10:45:24 CET):
> Hello,
>
> some SSL experts around? I got a "legacy" Exim (4.80), linked with GNUTLS
> libgnutls.so.26 => /usr/lib/i386-linux-gnu/libgnutls.so.26, and installed new
> certificates. Now we got connection problems.
>
> A `nmap --script ssl-enum-ciphers -p T25 ...` shows:
>
> 25/tcp open smtp
> | ssl-enum-ciphers:
> | TLSv1.1:
> | ciphers:
> | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
> | TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
> | compressors:
> |
Solved. Wrong certfile was installed (only the chain certs instead of
the cert + chaincerts).
My own stupidity.
Thank you.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
