Re: [exim] TLS "certificate expired" warnings on inbound con…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Viktor Dukhovni
Date:  
À: exim-users
Sujet: Re: [exim] TLS "certificate expired" warnings on inbound connections
On Tue, May 31, 2022 at 09:20:25PM +0200, Tim Jackson via Exim-users wrote:

> > Is there any chance that the client tries to present you a certificate,
> > even if you do not request it?


No. The TLS protocol precludes the presentation of unsolicited client
certificates. If the server does not send the certificate request
message, the protocol state machine does not support any way for the
client to send one anyway. If it tries, that would be a protocol
error, and the server would drop the connection with a suitable
alert to the client.

-- 
    VIktor.