Bug#522690: exim4-daemon-heavy: previously working client ssl certificate setup fails to work in lenny

Marc Haber mh+debian-packages at zugschlus.de
Tue Apr 7 13:23:24 UTC 2009


On Sun, Apr 05, 2009 at 09:35:22PM +0000, Stephen Gran wrote:
> Completely fails to send a client certificate.  If I add validation
> options (tls_verify_hosts, tls_try_verify_hosts) the client will send
> it's certificate, but only when it validates against the mail server ca,
> and will send cleartext otherwise.  This seems rather pointless, when
> what I want to do is use TLS as transport protection in the general
> case, but allow machines that have valid certificates to relay.
> 
> This is a pretty clear regression, hence the severity.  If there is
> something I've missed, please let me know - I don't see it right now.

Having never worked with client certificates, do you have debug output
from - preferably - both sides that could possibly give us some hints?

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190





More information about the Pkg-exim4-maintainers mailing list