Author: Jeremy Harris Date: To: exim-users Subject: Re: [exim] DANE(TA) doesn't work with self signed certificates
On 09/04/2018 01:26 PM, Michael Westerburg via Exim-users wrote: > problems
> sending mails to domains using DANE(TA) with self signed certificates. > Once the self signed certificate is added to the operating system's
> certificate store everything works fine. Contrary, after removing a well
> known CA certificate from this store, sending mails to DANE aware
> domains using DANE(TA) and the corresponding CA certificate fails
As the docs say:
"DANE-TA usage is effectively declaring a specific CA to be used; this
might be a private CA or a public, well-known one."
That CA needs to be known by the Exim configuration.