[Pkg-exim4-users] tls_verify_certificates = system
Calum Mackay
calum.mackay at cdmnet.org
Sun Sep 6 01:18:40 UTC 2015
hi all,
I tried to use the new option to use the system standard CA bundle (new
in 4.86), for certificate verification.
I tried overriding:
MAIN_TLS_VERIFY_CERTIFICATES = system
as per spec Ch.14.
But when I did this, all certificate verification stopped working. When
I reverted to the pkg default (appended), all started working again.
I'm running on sid, so my GNU TLS is 3.3.17, exim 4.86-3 (heavy).
Presumably I'm doing something wrong, but I don't see it. Any ideas, please?
thanks much indeed.
best regards,
calum.
.ifndef MAIN_TLS_VERIFY_CERTIFICATES
MAIN_TLS_VERIFY_CERTIFICATES = ${if
exists{/etc/ssl/certs/ca-certificates.crt}\
{/etc/ssl/certs/ca-certificates.crt}\
{/dev/null}}
.endif
tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
More information about the Pkg-exim4-users
mailing list