X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/f4e62a871680af98f14beb5f21dbe3b85c5c35ff..811622b672d4a4cf3d71fbd66810a66adf76826e:/test/confs/5890 diff --git a/test/confs/5890 b/test/confs/5890 index a836802af..0c812fd89 100644 --- a/test/confs/5890 +++ b/test/confs/5890 @@ -19,7 +19,10 @@ tls_advertise_hosts = * # Set certificate only if server -tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail} +CDIR=DIR/aux-fixed/exim-ca/example.com + +tls_certificate = CDIR/server1.example.com/server1.example.com.chain.pem +tls_privatekey = CDIR/server1.example.com/server1.example.com.unlocked.key tls_require_ciphers = OPTION tls_resumption_hosts = 127.0.0.1 @@ -36,7 +39,6 @@ check_helo: logwrite = peer cert subject\t${certextract {subject}{$tls_in_peercert}} logwrite = peer cert verified\t${tls_in_certificate_verified} logwrite = peer dn\t${tls_in_peerdn} - logwrite = ocsp\t${tls_in_ocsp} logwrite = cipher\t${tls_in_cipher} logwrite = bits\t${tls_in_bits} accept @@ -53,7 +55,6 @@ log_resumption: logwrite = peer cert subject\t${certextract {subject}{$tls_out_peercert}} logwrite = peer cert verified\t${tls_out_certificate_verified} logwrite = peer dn\t${tls_out_peerdn} - logwrite = ocsp\t${tls_out_ocsp} logwrite = cipher\t${tls_out_cipher} logwrite = bits\t${tls_out_bits} @@ -86,7 +87,7 @@ send_to_server1: .else tls_resumption_hosts = : .endif - tls_verify_certificates = DIR/aux-fixed/cert1 + tls_verify_certificates = CDIR/CA/CA.pem tls_verify_cert_hostnames = ${if match {$local_part}{^noverify} {*}{:}} tls_try_verify_hosts = * event_action = ${acl {log_resumption}} @@ -96,9 +97,10 @@ send_to_server2: allow_localhost hosts = HOSTIPV4 port = PORT_D - tls_verify_certificates = DIR/aux-fixed/cert1 - tls_verify_cert_hostnames = : - event_action = ${acl {log_resumption}} + hosts_try_fastopen = : + tls_verify_certificates = CDIR/CA/CA.pem + tls_verify_cert_hostnames = : + event_action = ${acl {log_resumption}} # ----- Retry -----