On Fri, 10 Jan 2025, Viktor Dukhovni via Exim-users wrote:
On Thu, Jan 09, 2025 at 11:14:38PM +0100, Gandalf Corvotempesta via Exim-users
wrote:
but i've seen the exact error enabling the debug log, so the real error is
available in some way.
I don't think I have seen that in the logs you have sent to the list.
Wrong end of the connection. Only the sender of a TLS alert knows the
details of why the alert was sent. The recipient (in this case server)
knows only the alert number, and can only report a fairly general
status, like "bad certificate".
https://datatracker.ietf.org/doc/html/rfc8446#section-6.2
https://datatracker.ietf.org/doc/html/rfc8446#section-6
In that case, can and should we make exim-as-client report
why it rejected the server's certificate in the main log ?
--
Andrew C. Aitchison Kendal, UK
[email protected]
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## [email protected]
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
