[exim-dev] [Bug 2594] CNAME handling can break TLS certifica…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
MViktor Dukhovni at ->
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 2594] New: CNAME handing can break TLS certificate verification
Subject: [exim-dev] [Bug 2594] CNAME handling can break TLS certificate verification
https://bugs.exim.org/show_bug.cgi?id=2594

Heiko Schlittermann <hs@???> changed: 

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |hs@???


--- Comment #11 from Heiko Schlittermann <hs@???> ---
Checked in real-world and it seems to work as expected. The router sets the
host to smtp.office365.com, DNS CNAMES redirect to a bunch of other names which
in turn resolve to addresses.

The certificate the peers present match the hostname of the router and Exim
now can verify that.

Thanks.

--
You are receiving this mail because:
You are on the CC list for the bug.
This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] [Bug 2704] DANE client-side documentation issues[exim-dev] [Bug 2706] New: DKIM and Received headers->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)