Testsuite: avoid cipher vs. cert validity problem
[users/heiko/exim.git] / test / confs / 2127
1 # Exim test configuration 2127
2
3 SERVER =
4
5 .include DIR/aux-var/tls_conf_prefix
6
7 primary_hostname = myhost.test.ex
8
9 # ----- Main settings -----
10
11 acl_smtp_rcpt = accept
12
13 queue_only
14 queue_run_in_order
15
16 tls_advertise_hosts = *
17 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
18 tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
19 tls_try_verify_hosts = 127.0.0.1
20 tls_verify_hosts = HOSTIPV4
21 tls_verify_certificates = DIR/aux-fixed/cert1
22
23 tls_require_ciphers = -ALL:kRSA
24 .ifdef _OPT_OPENSSL_NO_TLSV1_3_X
25 openssl_options = +no_tlsv1_3
26 .endif
27 # ----- Routers -----
28
29 begin routers
30
31 client:
32   driver = accept
33   condition = ${if eq {SERVER}{server}{no}{yes}}
34   retry_use_local_part
35   transport = send_to_server
36
37 server:
38   driver = accept
39   retry_use_local_part
40   transport = local_delivery
41
42
43 # ----- Transports -----
44
45 begin transports
46
47 local_delivery:
48   driver = appendfile
49   file = DIR/test-mail/${bless:$local_part}
50   headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
51   user = CALLER
52
53 send_to_server:
54   driver = smtp
55   allow_localhost
56   hosts = ${if eq{$local_part}{userx}{127.0.0.1}{HOSTIPV4}}
57   port = PORT_D
58   hosts_try_fastopen =  :
59   tls_try_verify_hosts = :
60
61 # End