Re: [exim] TLS "certificate expired" warnings on inbound con…

Inizio della pagina
Delete this message
Reply to this message
Autore: Viktor Dukhovni
Data:  
To: exim-users
Oggetto: Re: [exim] TLS "certificate expired" warnings on inbound connections
On Tue, May 31, 2022 at 09:20:25PM +0200, Tim Jackson via Exim-users wrote:

> > Is there any chance that the client tries to present you a certificate,
> > even if you do not request it?


No. The TLS protocol precludes the presentation of unsolicited client
certificates. If the server does not send the certificate request
message, the protocol state machine does not support any way for the
client to send one anyway. If it tries, that would be a protocol
error, and the server would drop the connection with a suitable
alert to the client.

-- 
    VIktor.