.display
&`version `&
&`serial_number `&
-&`subject `&
-&`issuer `&
-&`notbefore `&
-&`notafter `&
+&`subject `& RFC4514 DN
+&`issuer `& RFC4514 DN
+&`notbefore `& time
+&`notafter `& time
&`sig_algorithm `&
&`signature `&
&`subj_altname `& tagged list
Some field names take optional modifiers, appended and separated by commas.
+The field selectors marked as "RFC4514" above
+output a Distinguished Name string which is
+not quite
+parseable by Exim as a comma-separated tagged list
+(the exceptions being elements containin commas).
+RDN elements of a single type may be selected by
+a modifier of the type label; if so the expansion
+result is a list (newline-separated by default).
+The separator may be changed by another modifer of
+a right angle-bracket followed immediately by the new separator.
+Recognised RDN type labels include "CN", "O", "OU" and "DC".
+
+The field selectors marked as "time" above
+may output a number of seconds since epoch
+if the modifier "int" is used.
+
The field selectors marked as "list" above return a list,
newline-separated by default,
(embedded separator characters in elements are doubled).
which is one of "dns", "uri" or "mail";
if so the elenment tags are omitted.
-Field values are generally presented in human-readable form.
+If not otherwise noted field values are presented in human-readable form.
.wen
.vitem "&*${dlfunc{*&<&'file'&>&*}{*&<&'function'&>&*}{*&<&'arg'&>&*}&&&
This option gives a list of hosts for which, on encrypted connections,
certificate verification will be tried but need not succeed.
The &%tls_verify_certificates%& option must also be set.
+Note that unless the host is in this list
+TLS connections will be denied to hosts using self-signed certificates
+when &%tls_verify_certificates%& is set.
+The &$tls_out_certificate_verified$& variable is set when
+certificate verification succeeds.
.option tls_verify_certificates smtp string&!! unset
git://git.exim.org / exim.git / blobdiff