Hi Gilles,

Did you by any chance have time to look at #926? It there something wrong with 
my setup or is this a kind of a regression?
Thanks for any info on this!


Dani

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, 26 July 2019 13:51, Gilles Chehade <gil...@poolp.org> wrote:

> On Fri, Jul 26, 2019 at 08:19:33AM +0000, L??vai, D??niel wrote:
>
> > Hi all!
> > Running OpenBSD 6.5-stable, I have this on my relay host:
> > smtpd.conf:
> > ca myCA cert "/path/to/myCA.pem"
> > listen on egress port submission \
> > tls-require verify \
> > ca myCA
> > Now with that I expected that it'll only accept smtp clients that provide a 
> > certificate signed by myCA, but it turns out it accepts any certificate 
> > that is trusted based on the default /etc/ssl/certs.pem file.
> > Besides (re)moving the stock certs file or any other intrusive/ugly 
> > workaround, is there any way I could force a CA for those connections?
>
> Your expectations are also mine.
>
> Please open an issue on our bug tracker, I'll have a look at it shortly
> as I recently did work in that area and it worked as I expected, so I'm
> a bit surprised.
>
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Gilles Chehade @poolpOrg
>
> https://www.poolp.org patreon: https://www.patreon.com/gilles



Reply via email to