Re: [exim] GnuTTS woes

Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] GnuTTS woes
On 28.09.22 at 16:28, Viktor Dukhovni via Exim-users wrote:
>
> Ditto on port 465 and with IPv4:
>
>      $ posttls-finger -c -lmay -Lsummary -w -o inet_protocols=ipv4 -p TLSv1.2 "[eximtest.duckdns.org]:465"
>      posttls-finger: Untrusted TLS connection established
>          to eximtest.duckdns.org[172.105.179.7]:465:
>          TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
>


Same with openssl:

TLS 1.3

openssl s_client --connect eximtest.duckdns.org:25 -starttls smtp
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
...
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit

TLS 1.2:

New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported


But your key is a bit short. I suggest upgrading it to at least 4096 bits.

best regards,
Marius