Martin A. Brooks <[EMAIL PROTECTED]> (Sa 14 Jun 2008 17:31:44 CEST): > Hi > > I've been looking at using a wildcard certificate with exim. I have the > cert, exim is configured to use it, and there are no complaints when > clients use STARTTLS to encrypt their session. > > Call me paranoid, but I want to verify that the certificate is actually > being used and I've drawn a blank as to how to do that. My usual tools > for SMTP kung-fu, swaks, doesn't have a "show me the cert" option nor > can I switch enough debugging on for it to show me sufficient details.
If I understand well, do you want to connect to your exim and then have
the cert of the server shown?
$ openssl s_client -connect <host>:465
or
$ openssl s_client -starttls smtp -connect <host>:25
The last one only works with a recent openssl, since there is some
bug(?) in the way starttls is implemented in s_client. (If I remember
well s_client doesn't do the initial "ESMTP|EHLO" sequence.)
Best regards from Dresden
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann HS12-RIPE -----------------------------------------
gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -
signature.asc
Description: Digital signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
