Re: [exim] TLS "certificate expired" warnings on inbound con…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Viktor Dukhovni
Datum:  
To: exim-users
Betreff: Re: [exim] TLS "certificate expired" warnings on inbound connections
On Tue, May 31, 2022 at 09:20:25PM +0200, Tim Jackson via Exim-users wrote:

> > Is there any chance that the client tries to present you a certificate,
> > even if you do not request it?


No. The TLS protocol precludes the presentation of unsolicited client
certificates. If the server does not send the certificate request
message, the protocol state machine does not support any way for the
client to send one anyway. If it tries, that would be a protocol
error, and the server would drop the connection with a suitable
alert to the client.

-- 
    VIktor.