Rob Gunther: > I setup a new server (OK, several months back) it is an Exim server, the > machines sole purpose is to send/receive mail. > > I never fully put it into production because I see these strange errors in > the logs sometimes: > > Received TLS cert status response, itself unverifiable > > It seems to occur when sending mail to some remote hosts.... but not all. > A lot of traffic goes out using TLS and there is no issue. > > When I get this error it occurs before the message it sent. It will > actually show the message as being sent using TLS successfully. Here is a > little snippet. > > 2015-11-24 07:09:32 1a17jH-0005wb-FR Received TLS cert status response, > itself unverifiable > 2015-11-24 07:09:33 1a17jH-0005wb-FR => [email protected] F=< > [email protected]> R=ik_r T=r_smtp S=4299 H=mail.safe.com > [108.16.186.230] X=TLSv1:AES128-SHA:128 C="250 2.6.0 <[email protected]> > [InternalId=66884] Queued mail for delivery" > 2015-11-24 07:09:33 1a17jH-0005wb-FR Completed > > I did some Google searching, the only thing that shows up is Exim source > code in github.
If you look at the code in src/src/tls-openssl.c this error seems to be specific to an OSCP failure response. https://github.com/Exim/exim/blob/master/src/src/tls-openssl.c Did you set up OSCP SSL key checking on this box? -- Chris -- Chris Knadle [email protected] -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
