Re: exim4 SSL/TLS client: refusal to verify certificate

To: debian-user@lists.debian.org
Subject: Re: exim4 SSL/TLS client: refusal to verify certificate
From: Sebastian Kapfer <s.kapfer_usenet@gmx.net>
Date: Thu, 02 Oct 2003 05:06:38 +0200
Message-id: <[🔎] pan.2003.10.02.03.06.38.109870@gammaray.dyndns.org>
References: <[🔎] pan.2003.10.02.00.42.41.692669@gammaray.dyndns.org> <[🔎] 20031002013627.GA31789@doorstop.net>

On Thu, 02 Oct 2003 03:40:07 +0200, Vineet Kumar wrote:

> Perhaps it's failing because it can't verify a certificate chain from a
> trusted root certificate?  You might need to grab the thawte CA cert and
> append it to your tlscerts.out.

You are right. Exim doesn't even care about the server's certificate. When
I concatenate all Thawte root certs (from the ca-certificates package)
into tlscerts.out, Exim can derive the validity of the GMX certificate.

I find that a bit strange, since I cannot see why I should trust Thawte
more than I trust my email provider, but so be it....

> Just a guess ... I'm doing some testing right now to try to get a better
> answer.

None needed :-)  Thank you very much!

-- 
Best Regards,  | Wer Windows-Rechner ins Internet lässt,
 Sebastian     | braucht nicht über SWEN stänkern!
               |--------------------------------------------------------
               | mailbox in "From" silently drops any mail > 20k

Reply to:

References:
- exim4 SSL/TLS client: refusal to verify certificate
  - From: Sebastian Kapfer <s.kapfer_usenet@gmx.net>
- Re: exim4 SSL/TLS client: refusal to verify certificate
  - From: Vineet Kumar <vineet@doorstop.net>

Prev by Date: pppd daemon
Next by Date: Re: [debian-users:38340] A new debian mirror in UTnet is wanted.
Previous by thread: Re: exim4 SSL/TLS client: refusal to verify certificate
Next by thread: Re: exim4 SSL/TLS client: refusal to verify certificate
Index(es):
- Date
- Thread