Hello , I am trying to force TLS v1.2 on EXIM server. All Linux clients and Exim servers have openssl-1.0.1e-42 rpm. I keep getting TLSv1 on logs. "X=TLSv1:AES128-SHA:128"
** I tried adding tls_require_ciphers (below) on server but won't be able to send email from clients . openssl_options = +no_sslv2 +no_sslv3 tls_require_ciphers = ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP From Linux client: SSL/TLS handshake failed: Cannot communicate securely with peer: no common encryption algorithm(s). From EXIM server : TLS error on connection from Server.domain.com [IP Address] (SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher ** I tried to remove SSLv3 from ciphers and keep it in openssl_options and I am back to TLSv1 openssl_options = +no_sslv2 +no_sslv3 tls_require_ciphers = ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP I am not sure what I need to do to get it to use TLSv1.2 Thanks -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
