Probably a way too late :)
Alain D D Williams via Exim-users (Fr 30 Jul 2021
23:40:24 CEST):
…
> I do not think that I can do that here. The certificate is given to me by
> Let's
> Encrypt (le). Le verifies the (SNI) name by asking the agent to upload a nonce
> (a file with 86 random bytes) to
On Sun, Aug 01, 2021 at 03:30:49PM +0200, Exim Users wrote:
> Maybe this Snippet helps.
> I use it presenting different Certs depending on the lokal IP / Interface of
> the current connection:
Ah, that looks like the sort of thing that I was looking for.
I have just hacked my Apache config to
On 7/31/21 11:19 PM, Jeremy Harris via Exim-users wrote:
On 30/07/2021 22:40, Alain D D Williams via Exim-users wrote:
I do not think that I can do that here. The certificate is given to me by Let's
Encrypt (le). Le verifies the (SNI) name by asking the agent to upload a nonce
(a file with 86
On 30/07/2021 22:40, Alain D D Williams via Exim-users wrote:
I do not think that I can do that here. The certificate is given to me by Let's
Encrypt (le). Le verifies the (SNI) name by asking the agent to upload a nonce
(a file with 86 random bytes) to where it can see it via a web server.
On Fri, Jul 30, 2021 at 03:01:50PM -0400, Exim Users wrote:
> On Fri, Jul 30, 2021 at 07:29:33PM +0100, Alain D D Williams via Exim-users
> wrote:
>
> > I get this error in B's log, it is complaining that M's certificate is using
> > the public name, not the VPN name:
> >
> > [78.32.209.33] SSL
On Fri, Jul 30, 2021 at 07:29:33PM +0100, Alain D D Williams via Exim-users
wrote:
> I get this error in B's log, it is complaining that M's certificate is using
> the public name, not the VPN name:
>
> [78.32.209.33] SSL verify error: certificate name mismatch:
>
I have 2 machines that are on a self hosts VPN, call them B and M.
Both machines are visible on the Internet.
When B wants to send email to M it will route it over the VPN rather than
sending it to M's public Internet address.
freshmint.phcomp.co.uk is M's public Internet name
