Hey, I've been unsuccessful at getting Exim to verify the remote server's certificate correctly and searches have lead me to an old[1] patch[2] that seems the answer to these issues. Considering Exim's progress, the patches probably require a decent overview in addition to just making them patchable.
[1] http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20020909/msg00092.html [2] http://www.exim.org/pipermail/exim-users/Week-of-Mon-20020916/043849.html) The only built-in way I've found is tls_verify_certificates under a transport, but that won't notice not-matching common names, and putting a specific server's cert there just makes Exim fail with unverified cert errors. Though the Root CA + CN approach seems more manageable. Has anyone updated the patches or knows an alternative way of verifying CN's? Thank you in advance! Andri -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
