Bug#403072: exim4-daemon-light fails to use equifax SSL cert/key
obtained from "1&1" hosting
Felix Palmen
fmp at palmen.homeip.net
Thu Dec 14 15:14:20 UTC 2006
Hallo Marc,
* Marc Haber <mh+debian-packages at zugschlus.de> [20061214 15:22]:
> What happens when you use a current version of GnuTLS? Using exim 4.50
> suggests that you're working on sarge, which has a rather old version
> of gnutls.
I tried to do this right now, but found it would require to many
backports and other updates to the system.
> Things have evolved since then and I am not willing to
> debug the old stuff (since this bug is not going to be fixed in sarge
> anyway).
Of course it won't, but I'd consider this a general problem. As for me,
it's ok if it works after the Etch release, but who knows if there are
other incompatibilities with GnuTLS.
> Do I see correctly that Equifax is a CA that has issued you a
> certificate? If so, how did you create the private key belonging to
> the certificate request / certificate?
Unfortunately, I had to take the key from the hoster, so I don't know
how it was generated. All I know is that OpenSSL can read it without
problems.
On my home system, i created key/request and signed all myself with
OpenSSL and this key/cert pair works fine with GnuTLS/sarge, though.
> > So please provide optional "contrib" daemon packages built with OpenSSL,
> > because this seems to be more compatible than GnuTLS.
>
> That won't happen for license reasons. While it might currently be
> possible to link exim with OpenSSL without violating license, I am too
> lazy to evaluate licenses whenever I change compile options.
Well, that's kind of regrettable. So I'll hope the problem is solved in
etch.
Regards,
Felix
More information about the Pkg-exim4-maintainers
mailing list