https://bugs.exim.org/show_bug.cgi?id=2594
Jeremy Harris <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED --- Comment #7 from Jeremy Harris <[email protected]> --- (In reply to Phil Pennock from comment #5) > In the original bug-report here: > > """ > Cert hostname to check: "mail.edesix.local" > Setting TLS SNI "mail.dev.edesix.com" > """ > > That is clearly an unfortunate combination. The first should use the same > value as the second. The SNI to be sent derives from a transport option. The writer of the config has full latitude for foot-shooting. Of course, in the context of this bug we realise that said writer has precious little help in obtaining a value which would be in line with the discussions on exim-dev - that the value to be compared for certificate name-checking should be the result of any MX lookup, or the start of any CNAME chain leading to the eventual A or AAAA. I'll leave that issue for later. -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
