Bug#403072: exim4-daemon-light fails to use equifax SSL cert/key
obtained from "1&1" hosting
Marc Haber
mh+debian-packages at zugschlus.de
Thu Dec 14 14:22:21 UTC 2006
On Thu, Dec 14, 2006 at 02:55:19PM +0100, Felix Palmen wrote:
> Package: exim4-daemon-light
> Version: 4.50-8sarge2
>
> When trying to use the equifax key/cert, STARTTLS triggers the following
> log:
>
> 2006-12-14 13:03:29 TLS error on connection from pd9e39091.dip.t-dialin.net
> (palmen.homeip.net) [217.227.144.145] (cert/key setup:
> cert=/etc/exim4/exim.crt key=/etc/exim4/exim.key): Base64 decoding error.
>
> It works fine when compiling the package with OpenSSL instead of GnuTLS.
What happens when you use a current version of GnuTLS? Using exim 4.50
suggests that you're working on sarge, which has a rather old version
of gnutls. Things have evolved since then and I am not willing to
debug the old stuff (since this bug is not going to be fixed in sarge
anyway).
Do I see correctly that Equifax is a CA that has issued you a
certificate? If so, how did you create the private key belonging to
the certificate request / certificate?
> So please provide optional "contrib" daemon packages built with OpenSSL,
> because this seems to be more compatible than GnuTLS.
That won't happen for license reasons. While it might currently be
possible to link exim with OpenSSL without violating license, I am too
lazy to evaluate licenses whenever I change compile options.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
More information about the Pkg-exim4-maintainers
mailing list