TLS: pre-generate and load server selfsigned cert, when one is to be used
[users/heiko/exim.git] / test / confs / 4060
1 # test config 4060
2 # Pipelining the early part of the SMTP conversation, starttls
3
4 CONTROL=*
5 OPT=
6 CONNECTCOND=
7
8 keep_environment = PATH
9 exim_path = EXIM_PATH
10 host_lookup_order = bydns
11 spool_directory = DIR/spool
12
13 .ifdef SERVER
14 log_file_path = DIR/spool/log/SERVER%slog
15 .else
16 log_file_path = DIR/spool/log/%slog
17 .endif
18
19 gecos_pattern = ""
20 gecos_name = CALLER_NAME
21 dns_cname_loops = 9
22 chunking_advertise_hosts = OPT
23 tls_advertise_hosts = *
24 tls_certificate = DIR/aux-fixed/cert1
25
26 .ifdef _HAVE_TLS_CA_CACHE
27 tls_verify_certificates = system,cache
28 .endif
29
30 .ifdef _HAVE_DMARC
31 dmarc_tld_file =
32 .endif
33
34 # Avoid ECDHE key-exchange so that we can wireshark-decode (not TLS1.3)
35 .ifdef _HAVE_GNUTLS
36 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
37 .else
38 tls_require_ciphers = DEFAULT:!kECDHE
39 .endif
40
41 pipelining_connect_advertise_hosts = CONTROL
42 log_selector = +received_recipients +millisec +pipelining
43 queue_only
44
45 acl_smtp_rcpt = accept
46
47 #
48 begin routers
49
50 server:
51   driver =      redirect
52   condition =   ${if eq {SERVER}{server}}
53   data =        :blackhole:
54
55 client:
56   driver =      manualroute
57   route_data =  127.0.0.1::PORT_D
58   self =        send
59   transport =   smtp
60
61 #
62 begin transports
63
64 smtp:
65   driver =              smtp
66   hosts_try_fastopen =  CONNECTCOND
67   hosts_pipe_connect =  CONTROL
68   tls_verify_hosts =
69   tls_try_verify_hosts =
70