On 21/11/2022 21:41, Julian Bradfield via Exim-users wrote:
I should like to know what's happening here:
2022-11-21 21:10:42 TLS error on connection from r218.notifications.rbs.co.uk
[130.248.154.218] (gnutls_handshake): A TLS fatal alert has been received.
However, I can't see how to get any more information. I've tried
setting
add_environment = GNUTLS_DEBUG_LEVEL=3
in the exim4 config file, but it doesn't appear to do anything.
Is there a way to get more information?
The gnutls library helpfully (I infer) reads the environment at
process startup, too early for the config-driven addition of that
variable. Try having the thing firing off the exim process
adding to the environment instead. You'll need to add it
to keep_environment.
I go up to 9 on occasion, but 3 is reasonably detailed.
Alternatively, since you know there's an alert involved, go down
the packet capture route. You'll need to
add_environment = SSLKEYLOGFILE=<SOME_DIRECTORY>/sslkeys
and tell wireshark where to pick them up
(edit/pref/protocols/tls/ Master Secret Log filename)
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
