diff options
| author | Sheldon Hearn <sheldonh@FreeBSD.org> | 2002-01-15 15:58:59 +0000 |
|---|---|---|
| committer | Sheldon Hearn <sheldonh@FreeBSD.org> | 2002-01-15 15:58:59 +0000 |
| commit | 1fc47057446b0ac7e3724087fa3194f0fc21b7db (patch) | |
| tree | 279c8f9e381b41306312fdc3864013fa742077b8 /mail/exim-old | |
| parent | Disable debugger by default (diff) | |
Expand on the existing documentation regarding TLS and certificates,
adding information important to operators of SMTP services used
by a number of Windows (and probably Unix) MUA packages.
This text has been approved by the author and will be included in
the next release of exim-4. Another release of exim-3.3x is not
expected.
This change is based on an explanation of SSL certificates attributed
below, but was not a direct submission. Errors are my own, etc.
Submitted by: terry
Message-Id: <3C3F3A93.C1ECF9B0@mindspring.com>
Notes
Notes:
svn path=/head/; revision=53123
Diffstat (limited to 'mail/exim-old')
| -rw-r--r-- | mail/exim-old/files/patch-..::exim-texinfo-3.30::doc::spec.texinfo | 22 | ||||
| -rw-r--r-- | mail/exim-old/files/patch-doc::spec.txt | 22 |
2 files changed, 44 insertions, 0 deletions
diff --git a/mail/exim-old/files/patch-..::exim-texinfo-3.30::doc::spec.texinfo b/mail/exim-old/files/patch-..::exim-texinfo-3.30::doc::spec.texinfo new file mode 100644 index 000000000000..824276f27f63 --- /dev/null +++ b/mail/exim-old/files/patch-..::exim-texinfo-3.30::doc::spec.texinfo @@ -0,0 +1,22 @@ +--- ../exim-texinfo-3.30/doc/spec.texinfo.orig Tue Jun 12 12:20:49 2001 ++++ ../exim-texinfo-3.30/doc/spec.texinfo Tue Jan 15 17:19:46 2002 +@@ -20785,6 +20785,19 @@ + may be adequate for all your requirements if you are mainly interested in + encrypting transfers, and not in secure identification. + ++However, many clients require that the certificate presented by Exim be a user ++(also called "leaf" or "site") certificate, and not a self-signed certificate. ++In this case, the self-signed certificate described above must be installed on ++the client host as a trusted root certification authority and the certificate ++used by Exim must be a user certificate signed with that self-signed ++certificate. ++ ++For information on creating self-signed CA certificates and using them to sign ++user certificates, see the "General implementation overview" chapter of the ++Open-source PKI Book, available online at: ++ ++http://ospkibook.sourceforge.net/ ++ + + + diff --git a/mail/exim-old/files/patch-doc::spec.txt b/mail/exim-old/files/patch-doc::spec.txt new file mode 100644 index 000000000000..4d7ad28cf598 --- /dev/null +++ b/mail/exim-old/files/patch-doc::spec.txt @@ -0,0 +1,22 @@ +--- doc/spec.txt.orig Wed Dec 19 13:50:32 2001 ++++ doc/spec.txt Tue Jan 15 15:52:05 2002 +@@ -14403,6 +14403,19 @@ + be adequate for all your requirements if you are mainly interested in + encrypting transfers, and not in secure identification. + ++However, many clients require that the certificate presented by Exim be a user ++(also called "leaf" or "site") certificate, and not a self-signed certificate. ++In this case, the self-signed certificate described above must be installed on ++the client host as a trusted root certification authority and the certificate ++used by Exim must be a user certificate signed with that self-signed ++certificate. ++ ++For information on creating self-signed CA certificates and using them to sign ++user certificates, see the "General implementation overview" chapter of the ++Open-source PKI Book, available online at: ++ ++ http://ospkibook.sourceforge.net/ ++ + + + 39. CUSTOMIZING ERROR AND WARNING MESSAGES |