> On May 31, 2018, at 2:05 PM, Emanuel Gonzalez via Exim-users <exim-users@???> wrote:
>
> The problem occurs when my clients send through a mail client (example thunderbird)
>
Which is when Exim verifies the *client's* certificate.
> tls_certificate = /opt/exim/ssl/exim2.crt
> tls_privatekey = /opt/exim/ssl/linux.ferozo.com.key
> tls_advertise_hosts = *
And your server certificate is not pertinent.
> the certificate is not expired
>
> 2018-05-31 14:58:38 1fORq7-0007rY-1q [172.17.80.0] SSL verify error: depth=0 error=certificate has expired cert=/C=AR/ST=Santa Fe/L=Rosario/O=Peter/CN=*.domain.com
> 2018-05-31 14:58:38 1fORq7-0007rY-1q [172.17.80.0] SSL verify error: certificate name mismatch: "/C=AR/ST=Santa Fe/L=Rosario/O=Peter/CN=*.domain"
You're probably looking at the wrong certificate.
--
Viktor.