X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/610ff4388b33ddc2753c17eefb8b03e2fdd7e124..45fd1598c1256b36a4f658d00572f97bed34b5bd:/test/confs/2131 diff --git a/test/confs/2131 b/test/confs/2131 index 53c06f1f7..e4d4ae551 100644 --- a/test/confs/2131 +++ b/test/confs/2131 @@ -3,15 +3,9 @@ SERVER = -exim_path = EXIM_PATH -host_lookup_order = bydns -primary_hostname = myhost.test.ex -rfc1413_query_timeout = 0s -spool_directory = DIR/spool -log_file_path = DIR/spool/log/SERVER%slog -gecos_pattern = "" -gecos_name = CALLER_NAME +.include DIR/aux-var/tls_conf_prefix +primary_hostname = myhost.test.ex # ----- Main settings ----- @@ -23,22 +17,13 @@ remote_max_parallel = 1 tls_advertise_hosts = * -# Set certificate only if server - -tls_certificate = ${if eq {SERVER}{server} \ - {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \ +tls_certificate = DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \ {exim-ca/example.com/server1.example.com/server1.example.com.pem} \ - {cert1} \ - }\ - }fail} + {cert1} } -tls_privatekey = ${if eq {SERVER}{server} \ - {DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \ +tls_privatekey = DIR/aux-fixed/${if eq {$tls_in_sni}{bill} \ {exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key} \ - {cert1} \ - }\ - }fail} - + {cert1} } # ------ ACL ------ @@ -71,18 +56,22 @@ send_to_server1: allow_localhost hosts = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : tls_sni = fred hosts_require_tls = * - tls_try_verify_hosts = : + tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_cert_hostnames = : send_to_server2: driver = smtp allow_localhost hosts = HOSTIPV4 port = PORT_D + hosts_try_fastopen = : tls_sni = bill hosts_require_tls = * - tls_try_verify_hosts = : + tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem + tls_verify_cert_hostnames = : # ----- Retry -----