On Sat, Jun 14, 2008 at 04:31:44PM +0100, Martin A. Brooks said: > Hi > > I've been looking at using a wildcard certificate with exim. I have the > cert, exim is configured to use it, and there are no complaints when > clients use STARTTLS to encrypt their session. > > Call me paranoid, but I want to verify that the certificate is actually > being used and I've drawn a blank as to how to do that. My usual tools > for SMTP kung-fu, swaks, doesn't have a "show me the cert" option nor > can I switch enough debugging on for it to show me sufficient details. > > Any suggestions?
As others have mentioned, openssl will show it to you. I'm not convinced you actually can do server side TLS without a cert, though, so in practice, unless you're just trying to verify the fingerprint or something, I think you can take it as read that _a_ cert is definitely being offered, and given that exim failry predictably does what you tell it to, it will most likely be the one in the file output by exim -bP configure_file Cheers, -- -------------------------------------------------------------------------- | Stephen Gran | BOFH excuse #183: filesystem not big | | [EMAIL PROTECTED] | enough for Jumbo Kernel Patch | | http://www.lobefin.net/~steve | | -------------------------------------------------------------------------- -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
