Bug#591261: exim4: Certificate based verification does not work.

Andreas Metzler ametzler at downhill.at.eu.org
Sun Aug 1 16:35:42 UTC 2010


On 2010-08-01 Jon Westgate <oryn at fsck.tv> wrote:
> Package: exim4
> Version: 4.72-1
> Severity: important
> Tags: upstream

> I have been asked to setup an exim4 server for use with CJSM.
> https://www.cjsm.net This requires that a server (acting as a smart
> host in this case) encrypt and sign all emails headed for CJSM.
> This is something that according to exim.org, exim should ba
> capeable of doing.  After struggling with this for a number of days
> I came accross a blog entry on the web saying that exim compiled
> against openssl seemed to work where as exim compiled against gnutls
> didn't.  I recompiled and hey presto everything works.  I'm not
> campaining for openssl to be the default in exim, just mearly
> registering the fact that both tls_try_verify_hosts and
> tls_verify_hosts directives fail with this package.  Indeed exim as
> a client does not send a certificate when asked for one.
[...]

Hello,

the information you provided is sparse. I was to ask for a guess I would think that stumpled upon
| 39.2 OpenSSL vs GnuTLS
|
| The tls_verify_certificates option must contain the name of a file,
| not the name of a directory (for OpenSSL it can be either). 

cu andreas






More information about the Pkg-exim4-maintainers mailing list