[exim-dev] [Bug 2594] CNAME handling can break TLS certifica…

Author: admin
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 2594] New: CNAME handing can break TLS certificate verification
Subject: [exim-dev] [Bug 2594] CNAME handling can break TLS certificate verification
https://bugs.exim.org/show_bug.cgi?id=2594

Jeremy Harris <jgh146exb@???> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED


--- Comment #7 from Jeremy Harris <jgh146exb@???> ---
(In reply to Phil Pennock from comment #5)
> In the original bug-report here:
>
> """
> Cert hostname to check: "mail.edesix.local"
> Setting TLS SNI "mail.dev.edesix.com"
> """
>
> That is clearly an unfortunate combination. The first should use the same
> value as the second.


The SNI to be sent derives from a transport option. The writer of the config
has full latitude for foot-shooting. Of course, in the context of this bug we
realise that said writer has precious little help in obtaining a value which
would be in line with the discussions on exim-dev - that the value to be
compared for certificate name-checking should be the result of any MX lookup,
or the start of any CNAME chain leading to the eventual A or AAAA.

I'll leave that issue for later.

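
An added example, not Exim code and not part of the message above: a sketch of the rule discussed in the comment, where the name compared against the certificate is the MX result (or the start of the CNAME chain), never the name reached by following CNAMEs, and the SNI is checked for agreement with it. The zone data, host names and function names are constructed for illustration.

```python
# Constructed DNS data for illustration; not taken from the bug report.
ZONE = {
    ("example.test", "MX"): ["mx.example.test"],
    ("mx.example.test", "CNAME"): ["relay.hosting.test"],
    ("relay.hosting.test", "CNAME"): ["node7.hosting.test"],
    ("node7.hosting.test", "A"): ["192.0.2.25"],
}

def resolve_for_delivery(domain, zone, max_hops=8):
    """Return (verify_name, canonical_name, addresses) for a recipient domain.

    verify_name is the MX result, or the domain itself when there is no MX,
    i.e. the start of any CNAME chain. canonical_name only locates addresses.
    """
    mx = zone.get((domain, "MX"))
    verify_name = mx[0] if mx else domain
    name, hops = verify_name, 0
    while (name, "CNAME") in zone:
        hops += 1
        if hops > max_hops:
            raise ValueError("CNAME chain too long or looping")
        name = zone[(name, "CNAME")][0]
    addresses = zone.get((name, "A"), []) + zone.get((name, "AAAA"), [])
    return verify_name, name, addresses

def name_matches(host, pattern):
    """Exact match, or a '*' covering exactly the leftmost label."""
    h = host.lower().rstrip(".").split(".")
    p = pattern.lower().rstrip(".").split(".")
    if len(h) != len(p):
        return False
    return h[1:] == p[1:] and (p[0] == "*" or h[0] == p[0])

def check_delivery(domain, zone, configured_sni, cert_dns_names):
    """Check SNI against the verified name, and the cert against both names."""
    verify_name, canonical, _ = resolve_for_delivery(domain, zone)
    covers = lambda host: any(name_matches(host, n) for n in cert_dns_names)
    return {
        "verify_name": verify_name,
        "canonical_name": canonical,
        "sni_consistent": configured_sni.lower() == verify_name.lower(),
        "cert_ok": covers(verify_name),
        "cert_ok_if_canonical_used": covers(canonical),
    }
```

With a certificate issued for `mx.example.test`, checking against the canonical name at the end of the chain fails even though the server is correctly configured, and an SNI set to any other name is reported as inconsistent.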