[SoCoSA/discuss] exim TLS cert problem

Sean seanvanco at gmail.com
Thu Aug 27 09:46:12 PDT 2009 

I'll try thunderbird later today, but I also checked using my own
Outlook. I know it is configured with the correct mail server, and I
went over it detail with the user as well.

I agree that it could be a client issue, but it concerns me when it is
more than one system. This used to happen on kmail but I had thought I
fixed it by re-installing the security cert awhile back. I'll see if I
can try a few other clients as well.

Sean


On Thu, Aug 27, 2009 at 9:36 AM, Christopher Wagner<waggie at waggie.net> wrote:
> Just out of curiousity, since you don't explicitly state it, is the user's mail client actually configured to connect to the right host name?  This sounds kinda like a client issue if kmail is working without complaint (though it could be ignoring it).  How does Thunderbird respond?
>
> - Chris
>
> Nicholas Potterton wrote:
>
> is it possible the certificate has expired?
>
> you need to view the cert closely
>
>
>
> --- On Thu, 8/27/09, Sean &lt;seanvanco at gmail.com> wrote:
>
>
>
>
>
> From: Sean &lt;seanvanco at gmail.com>
>
> Subject: [SoCoSA/discuss] exim TLS cert problem
>
> To: "SoCoSA general discussion list" &lt;discuss at socosa.org>
>
> Date: Thursday, August 27, 2009, 8:51 AM
>
>
>
>
>
> I'm hoping that someone can help me with a security certificate
>
> problem with my exim server. This has worked in the past and I don't
>
> know why it is not working now.
>
>
>
> The situation is that my mail and web servers reside on the same box.
>
> I have two security certificates installed, one for www.domain.com and
>
> one for mail.domain.com. I have my exim server configured to use the
>
> mail.domain.com cert for TLS (exim.conf entries below), but when a
>
> Windows client (i.e. Outlook) uses TLS, it says that there is a
>
> problem with the security cert and that the CN does not match the
>
> server name. It is probably grabbing the www cert instead of the mail
>
> cert, but I see no way to verify this or why it would be happening.
>
>
>
> exim.conf excerpt:
>
>
>
> # SSL/TLS cert and key
>
> tls_certificate = /etc/exim.cert
>
> tls_privatekey = /etc/exim.key
>
>
>
> tls_advertise_hosts = *
>
>
>
> I had my certificate vendor confirm that the security cert listed
>
> above is the mail cert.
>
>
>
> My kmail program on Linux is not complaining of this problem (and
>
> according to /var/log/mail.log on the server the POP connection IS
>
> using TLS for the kmail app), but I do not know of a way to check to
>
> see what certs either client is using. Also, I'm not the only one
>
> having this problem with the TLS on my server, so I suspect it would
>
> happen for any user on any computer.
>
>
>
> I'm using Debian Etch 32-bit and exim 4 (the latest version).
>
>
>
>
>
> Thank you in advance for any help.
>
>
>
> Sean
>
>
>
> _______________________________________________
>
> SoCoSA discuss mailing list
>
> discuss at socosa.org
>
> Your address: n.potterton at yahoo.co.uk
>
> http://socosa.org/mailman/listinfo/discuss
>
> http://socosa.org/mailman/options/discuss/n.potterton%40yahoo.co.uk
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
>
> SoCoSA discuss mailing list
>
> discuss at socosa.org
>
> Your address: waggie at waggie.net
>
> http://socosa.org/mailman/listinfo/discuss
>
> http://socosa.org/mailman/options/discuss/waggie%40waggie.net
>
>
> _______________________________________________
> SoCoSA discuss mailing list
> discuss at socosa.org
> Your address: seanvanco at gmail.com
> http://socosa.org/mailman/listinfo/discuss
> http://socosa.org/mailman/options/discuss/seanvanco%40gmail.com
>

More information about the discuss mailing list