Re: exim4 - tls errors [SOLVED]
Kamil Jońca wrote:
> deloptes <deloptes@gmail.com> writes:
>
>> Kamil Jońca wrote:
>>
>>> kjonca@poczta.onet.pl (Kamil Jońca) writes:
>>>
>>> some background
>>> 1. with exim 4.87 tls_advertise_hosts defaults to *.
>>> 2. also MAIN_TLS_ADVERTISE_HOSTS (main/03_exim4-config_tlsoptions)
>>> 3. to get rid this message (excet to create certificate)
>>> tls_advertise_hosts should be _empty_.
>>>
>>> so set
>>> --8<---------------cut here---------------start------------->8---
>>> MAIN_TLS_ADVERTISE_HOSTS= ""
>>> --8<---------------cut here---------------end--------------->8---
>>> works.
>>>
>>> Yes, I should read exim documentation earlier. :)
>>>
>>> KJ
>>>
>>
>> This is not exactly correct. As statedbefore setting
>> MAIN_TLS_ENABLE=false should skip the whole block of settings related to
>> SSL/TLS. No idea why you should touch the supplementary config files.
>
> Because I do not want to disable tls completly - I want to use tls whe
> exim acts as client. But I do not want tls when my clients connect to
> exim.(Its a home machine configured to use smarthosts)
>
> KJ
>
OK, but in this case you keep MAIN_TLS_ENABLE=true and look in that below
in /etc/exim4/exim4.conf.template
it means that if you add the variable MAIN_TLS_ADVERTISE_HOSTS in the
beginning of your conf.template with MAIN_TLS_ADVERTISE_HOSTS = "" it would
handle it as not set and set to *.
# Defines what hosts to 'advertise' STARTTLS functionality to. The
# default, *, will advertise to all hosts that connect with EHLO.
.ifndef MAIN_TLS_ADVERTISE_HOSTS
MAIN_TLS_ADVERTISE_HOSTS = *
.endif
tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
if this is your case it might be worth talking to the exim4 folks and
perhaps raise a CR based on your case
regards
Reply to: