[exim] *SOLVED* Re: Re: Issues with external servers using i…

Top Page
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: exim-users
Old-Topics: [exim] Re: Issues with external servers using incorrect ssl since around new years eve
Subject: [exim] *SOLVED* Re: Re: Issues with external servers using incorrect ssl since around new years eve

BIG THANKS TO SLAVKO :D

Am 05.01.24 um 14:38 schrieb Slavko via Exim-users:
> Dňa 5. januára 2024 13:15:37 UTC používateľ Cyborg via Exim-users <exim-users@???> napísal:
>
>> Exim(-> openssl) does not accept one specific TLS 1.2 cipher on incoming connections anymore.
>> Fact checked with s_client .... -tls1_2 -cipher ECDHE-RSA-AES256-GCM-SHA384
> Do you use EC(DSA) or RSA certificate?
>


You may be on something:

Current:

        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:

Previous:

        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)

... exchanging the exim.pem from ec to rsa ...

** Working again **  :D

That's the Let's Encrypt switch => EC as the default.

## TO ALL ##

You have to request RSA Certs from LE , or this will to you too.

Of course, you or LE are not to blame if it happens, as the root cause
of this are other servers not keeping up with the crypto development in
the real world and missing EC support!


best regards,
Marius



--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/