Hi all! Running OpenBSD 6.5-stable, I have this on my relay host:
smtpd.conf: ca myCA cert "/path/to/myCA.pem" listen on egress port submission \ tls-require verify \ ca myCA Now with that I expected that it'll only accept smtp clients that provide a certificate signed by myCA, but it turns out it accepts any certificate that is trusted based on the default /etc/ssl/certs.pem file. Besides (re)moving the stock certs file or any other intrusive/ugly workaround, is there any way I could force a CA for those connections? Thanks for any hints, Dani -- Lévai, Dániel -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
