Hi Mike Thank you for your answer. That was my impression as well. If there is no other way I will use this method.
Thanks! David On 11/01/2011 10:44, David Angleitner wrote: > I'm looking for a way to verify the fingerprint > of a remote server's certificate when sending > mail. > > I understand tls_verify_certificates can be used > to match the certificate. Is there a way to verify > the fingerprint instead? > > What I'm looking for is what can be done in postfix > with a tls_policy_map like this: > > domain.tld fingerprint > match=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx I don't think you can use fingerprints. I *think* you need to fetch the certificate, store it on disk (file or folder depending on OpenSSL or GnuTLS) and then use the tls_verify_certificates option in the remote smtp transport. Look up that option on http://www.exim.org/exim-html-current/doc/html/spec_html/ch39.html -- Mike Cardwell https://secure.grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
