Bug#522690: exim4-daemon-heavy: previously working client ssl certificate setup fails to work in lenny
Marc Haber
mh+debian-packages at zugschlus.de
Tue Apr 7 13:23:24 UTC 2009
On Sun, Apr 05, 2009 at 09:35:22PM +0000, Stephen Gran wrote:
> Completely fails to send a client certificate. If I add validation
> options (tls_verify_hosts, tls_try_verify_hosts) the client will send
> it's certificate, but only when it validates against the mail server ca,
> and will send cleartext otherwise. This seems rather pointless, when
> what I want to do is use TLS as transport protection in the general
> case, but allow machines that have valid certificates to relay.
>
> This is a pretty clear regression, hence the severity. If there is
> something I've missed, please let me know - I don't see it right now.
Having never worked with client certificates, do you have debug output
from - preferably - both sides that could possibly give us some hints?
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190
More information about the Pkg-exim4-maintainers
mailing list