[exim-dev] [Bug 2545] New: Allow disabling autogenerated sel…

Top Pagina
Delete this message
Reply to this message
Auteur: admin
Datum:  
Aan: exim-dev
Onderwerp: [exim-dev] [Bug 2545] New: Allow disabling autogenerated selfsigned cert warning
https://bugs.exim.org/show_bug.cgi?id=2545

            Bug ID: 2545
           Summary: Allow disabling autogenerated selfsigned cert warning
           Product: Exim
           Version: 4.93
          Hardware: x86
                OS: Linux
            Status: NEW
          Severity: wishlist
          Priority: low
         Component: TLS
          Assignee: jgh146exb@???
          Reporter: eximusers@???
                CC: exim-dev@???


Hello,

exim nowadays[1] enables incoming TLS by default but very frequently throws an
obnoxious warning message (No server certificate defined; will use a selfsigned
one.") if this functionality is actually used.

I think it makes perfect sense to have this functionality for hosts without
permanent hostname or behind NAT. It is a better way to provide opportunistic
TLS than having the admin handle the complexity of managing a specific snakeoil
certificate with all it entails. (Watch for expiry, use good algorithms, etc.)
Sure the performance penality exist, but should not be noticeable.

So there should be a way to disable the warning or perhaps it should not be
shown at all, or at least only once a day.

cu Andreas

[1] tls_advertise_hosts defaults to * for TLS builds since 4.87_JH/18,
on-demand generation of self-signed certificate for inbound SMTP since
4.88_JH/05, 4.93_JH/23 TLS enabled build by default.)

--
You are receiving this mail because:
You are on the CC list for the bug.