On 2014-06-02 at 11:36 -0600, The Doctor, 3328-138 Ave Edmonton AB T5Y 1M4, 669-2000, 473-4587 wrote: > Question: > > I have an intermediate cert and the 'actual' cert to install. > > What is the corrrect directive / protocol ?
----------------------------8< cut here >8------------------------------ 41.13 Certificate chains ------------------------ The file named by tls_certificate may contain more than one certificate. This is useful in the case where the certificate that is being sent is validated by an intermediate certificate which the other end does not have. Multiple certificates must be in the correct order in the file. First the host's certificate itself, then the first intermediate certificate to validate the issuer of the host certificate, then the next intermediate certificate to validate the issuer of the first intermediate certificate, and so on, until finally (optionally) the root certificate. The root certificate must already be trusted by the recipient for validation to succeed, of course, but if it's not preinstalled, sending the root certificate along with the rest makes it available for the user to install if the receiving end is a client MUA that can interact with a user. ----------------------------8< cut here >8------------------------------ -- My employer, Apcera Inc, is hiring sysadmin; primarily San Francisco: http://www.apcera.com/jobs/#operations-engineer (but all the mistakes in this email are made in my personal capacity) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
