Re: [exim] A study of failing tls certs, with valid certifi…

Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] A study of failing tls certs, with valid certificate files
On 09/01/2023 11:30, Cyborg via Exim-users wrote:
> It may be a good idea to check for a new solution inside exim like auto reloading the used cert every 24h the server is running, if openssl3 is causing this "detection" bug.


It wouldn't be an OpenSSL change. Exim (since 4.95) on both Linux
and FreeBSD platforms[*] sets a watch on the relevant directories and files,
and (supposedly) reloads certs when they change. Best guess is that
this mechanism failed for some reason.

[*] For any platform not noted in the build config as supporting
either "inotify" or "kevent", TLS credentials are not cached
but re-read from file on every connection.
--
Cheers,
Jeremy
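
Added example, not part of the original message and not Exim's code: a monitoring check that catches the failure discussed above by comparing the certificate the running server presents after STARTTLS with the leaf certificate in the file on disk. The host name and certificate path are supplied by the operator, and the check assumes the server presents one fixed certificate rather than choosing one per connection.

```python
import hashlib
import smtplib
import ssl
import sys

PEM_BEGIN = "-----BEGIN CERTIFICATE-----"
PEM_END = "-----END CERTIFICATE-----"


def leaf_fingerprint(pem_text):
    """SHA-256 (hex) of the first certificate in a PEM file (the leaf in a chain file)."""
    start = pem_text.index(PEM_BEGIN)          # skips a private key placed before the cert
    stop = pem_text.index(PEM_END, start) + len(PEM_END)
    der = ssl.PEM_cert_to_DER_cert(pem_text[start:stop])
    return hashlib.sha256(der).hexdigest()


def served_certificate(host, port=25, timeout=10):
    """Return the DER certificate the SMTP server presents after STARTTLS."""
    ctx = ssl.create_default_context()
    # Chain validation is switched off for this probe only: an expired or stale
    # certificate must still be retrievable so that it can be compared byte for byte.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.starttls(context=ctx)
        return smtp.sock.getpeercert(binary_form=True)


def compare(disk_pem, served_der):
    """Report both fingerprints and whether the served certificate differs from disk."""
    disk = leaf_fingerprint(disk_pem)
    served = hashlib.sha256(served_der).hexdigest()
    return {"disk": disk, "served": served, "stale": disk != served}


if __name__ == "__main__":
    # Usage (operator-supplied values): check.py <mail host> <path to certificate file>
    host, cert_path = sys.argv[1], sys.argv[2]
    with open(cert_path, encoding="ascii") as fh:
        result = compare(fh.read(), served_certificate(host))
    print(result)
    sys.exit(1 if result["stale"] else 0)
```

Run from cron or a monitoring agent after each renewal; a non-zero exit means the daemon is still serving the old certificate and needs a reload or restart.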