https://bugs.exim.org/show_bug.cgi?id=2545
Bug ID: 2545
Summary: Allow disabling autogenerated selfsigned cert warning
Product: Exim
Version: 4.93
Hardware: x86
OS: Linux
Status: NEW
Severity: wishlist
Priority: low
Component: TLS
Assignee: jgh146exb@???
Reporter: eximusers@???
CC: exim-dev@???
Hello,
exim nowadays[1] enables incoming TLS by default but very frequently throws an
obnoxious warning message (No server certificate defined; will use a selfsigned
one.") if this functionality is actually used.
I think it makes perfect sense to have this functionality for hosts without
permanent hostname or behind NAT. It is a better way to provide opportunistic
TLS than having the admin handle the complexity of managing a specific snakeoil
certificate with all it entails. (Watch for expiry, use good algorithms, etc.)
Sure the performance penality exist, but should not be noticeable.
So there should be a way to disable the warning or perhaps it should not be
shown at all, or at least only once a day.
cu Andreas
[1] tls_advertise_hosts defaults to * for TLS builds since 4.87_JH/18,
on-demand generation of self-signed certificate for inbound SMTP since
4.88_JH/05, 4.93_JH/23 TLS enabled build by default.)
--
You are receiving this mail because:
You are on the CC list for the bug.
