On 2022-05-31 at 14:33:19 UTC-0400 (Tue, 31 May 2022 20:33:19 +0200)
Tim Jackson via Exim-users
is rumored to have said:
I have some legitimate-looking hosts from a major bank producing log
lines like this when attempting incoming connections to a public MX:
TLS error on connection from
On Tue, May 31, 2022 at 09:55:22PM +0200, Tim Jackson via Exim-users wrote:
> Thanks for the clarification. So the issue is the client verification of the
> server cert, not a client cert.
Yes, unless I've grossly misread your description of the symptoms.
> > The DST Root CA is expired. You
On 31/05/2022 21:14, Viktor Dukhovni via Exim-users wrote:
TLS alerts report error conditions from the remote peer. If your server
logs a TLS alert, that alert was generated on the remote end. So if
this is a connection from a client to your server, then the "certificate
expired" condition is
On Tue, May 31, 2022 at 09:20:25PM +0200, Tim Jackson via Exim-users wrote:
> > Is there any chance that the client tries to present you a certificate,
> > even if you do not request it?
No. The TLS protocol precludes the presentation of unsolicited client
certificates. If the server does not
On 31/05/2022 20:53, Heiko Schlittermann via Exim-users wrote:
TLS error on connection from r209.notifications.natwest.com
[130.248.154.209]:44104 I=[167.235.252.255]:25 (SSL_accept):
error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
Is there any chance that the
On Tue, May 31, 2022 at 08:33:19PM +0200, Tim Jackson via Exim-users wrote:
> [130.248.154.209]:44104 I=[167.235.252.255]:25 (SSL_accept):
> error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
TLS alerts report error conditions from the remote peer. If your server
logs
Hi Tim,
Tim Jackson via Exim-users (Di 31 Mai 2022 20:33:19 CEST):
>
> TLS error on connection from r209.notifications.natwest.com
> [130.248.154.209]:44104 I=[167.235.252.255]:25 (SSL_accept):
> error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
Is there any chance
I have some legitimate-looking hosts from a major bank producing log lines
like this when attempting incoming connections to a public MX:
TLS error on connection from r209.notifications.natwest.com
[130.248.154.209]:44104 I=[167.235.252.255]:25 (SSL_accept):
error:14094415:SSL