X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/f4e62a871680af98f14beb5f21dbe3b85c5c35ff..5304327c962ff5d8d5a1cb15fbb44923fe213435:/test/confs/5890 diff --git a/test/confs/5890 b/test/confs/5890 index a836802af..88743cfd0 100644 --- a/test/confs/5890 +++ b/test/confs/5890 @@ -19,7 +19,10 @@ tls_advertise_hosts = * # Set certificate only if server -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +CDIR=DIR/aux-fixed/exim-ca/example.com + +tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem +tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key tls_require_ciphers = OPTION tls_resumption_hosts = 127.0.0.1 @@ -36,7 +39,6 @@ check_helo: logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} logwrite = peer cert verified\t${tls_in_certificate_verified} logwrite = peer dn\t${tls_in_peerdn} - logwrite = ocsp\t${tls_in_ocsp} logwrite = cipher\t${tls_in_cipher} logwrite = bits\t${tls_in_bits} accept @@ -53,7 +55,6 @@ log_resumption: logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} logwrite = peer cert verified\t${tls_out_certificate_verified} logwrite = peer dn\t${tls_out_peerdn} - logwrite = ocsp\t${tls_out_ocsp} logwrite = cipher\t${tls_out_cipher} logwrite = bits\t${tls_out_bits} @@ -81,12 +82,15 @@ send_to_server1: hosts = 127.0.0.1 port = PORT_D helo_data = helo.data.changed +.ifdef HELO_MSG + host_name_extract = HELO_MSG +.endif .ifdef VALUE tls_resumption_hosts = * .else tls_resumption_hosts = : .endif - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_certificates = CDIR/CA/CA.pem tls_verify_cert_hostnames = ${if match {$local_part}{^noverify} {*}{:}} tls_try_verify_hosts = * event_action = ${acl {log_resumption}} @@ -96,9 +100,10 @@ send_to_server2: allow_localhost hosts = HOSTIPV4 port = PORT_D - tls_verify_certificates = DIR/aux-fixed/cert1 - tls_verify_cert_hostnames = : - event_action = ${acl {log_resumption}} + hosts_try_fastopen = : + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = : + event_action = ${acl {log_resumption}} # ----- Retry -----