upgrading from 4.94 to 4.96 seems to have dramatically reduced the TLS
connectivity (as a server).
I'm using libgnutls3.7.1 on debian 11 and the Exim package from backports
customers are complaining about TLS not not working
my testing mainly involves telling exim to listen on poert 443 with
implicit SSL and then hitting it with
www.sslcheck.com
tls_on_connect_ports = 465:443
daemon_smtp_ports = 25:465:587:443
and this testing also shows a change in the availalbe suites.
It mainly seems to be ECDH suites that are no longer avaialable.
I'm not sure how to proceed.
--
Jasen.
