From 176cf342af83cab469cb3bbd24221c88c8e00bf6 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Wed, 15 Nov 2017 18:38:44 +0000
Subject: [PATCH] Testsuite: force RSA auth for testcase loading dual certs

More recent OpenSSL versions (1.1.0) reasonably prefer ECDSA when available,
where older (1.0.2) preferred RSA
---
 test/scripts/2100-OpenSSL/2102 | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/test/scripts/2100-OpenSSL/2102 b/test/scripts/2100-OpenSSL/2102
index e9fdbfdca..374f3a27f 100644
--- a/test/scripts/2100-OpenSSL/2102
+++ b/test/scripts/2100-OpenSSL/2102
@@ -1,5 +1,11 @@
 # TLS server: general ops and certificate extractions
-exim -DSERVER=server -bd -oX PORT_D
+#
+# NOTE: current OpenSSL libraries return faulty my-cert information
+# when more than one is loaded, which the conf for this testcase does.
+# As a result the expansion done and logged is misleading.
+#
+# Make RSA authentication the only acceptable
+exim -d-all+tls -DSERVER=server -DORDER=RSA -bd -oX PORT_D
 ****
 client-ssl 127.0.0.1 PORT_D
 ??? 220
-- 
2.30.2