Hello, some SSL experts around? I got a "legacy" Exim (4.80), linked with GNUTLS libgnutls.so.26 => /usr/lib/i386-linux-gnu/libgnutls.so.26, and installed new certificates. Now we got connection problems.
A `nmap --script ssl-enum-ciphers -p T25 ...` shows:
25/tcp open smtp
| ssl-enum-ciphers:
| TLSv1.1:
| ciphers:
| TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
| TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| compressors:
|
|_ least strength: strong
I would have expected much more. Apache with the same cert has more.
Exim config doesn't mention any tls settings beside key and cert. Any
idea, what parameter I should check (Key: length, type? Signature
type?)
Connection problems: (gnutls_handshake): Could not negotiate a supported cipher
suite.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
