https://bugs.exim.org/show_bug.cgi?id=2092
--- Comment #2 from Phil Pennock <[email protected]> --- nginx src/event/ngx_event_openssl.c : /* * we can't use SSL_CTX_use_certificate_chain_file() as it doesn't * allow to access certificate later from SSL_CTX, so we reimplement * it here */ Haven't investigated to know why they want to access the same cert later, am vaguely assuming that it's to be able to extract attributes for setting as context variables (eg, for export to environ for CGI). Postfix src/tls/tls_certkey.c : tls_set_my_certificate_key_info() takes one each of RSA, DSA, ECDSA and if present calls set_cert_stuff() on each, which is a fairly thin wrapper around calling SSL_CTX_use_certificate_chain_file() and SSL_CTX_use_PrivateKey_file() together with a call to SSL_CTX_check_private_key() to ensure that the key and cert match. So I think that your analysis is correct. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
