OpenSSL 1.1 - update testsuite for retired ciphers
[users/jgh/exim.git] / test / confs / 2111
1 # Exim test configuration 2111
2
3 SERVER =
4
5 .include DIR/aux-var/tls_conf_prefix
6
7 primary_hostname = myhost.test.ex
8
9 # ----- Main settings -----
10
11 acl_smtp_rcpt = accept
12 log_selector = +tls_peerdn
13 queue_only
14 queue_run_in_order
15
16 tls_advertise_hosts = *
17
18 # Set certificate only if server
19
20 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
21 tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
22
23 tls_verify_hosts = *
24 tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
25
26
27 # ----- Routers -----
28
29 begin routers
30
31 client:
32   driver = accept
33   condition = ${if eq {SERVER}{server}{no}{yes}}
34   retry_use_local_part
35   transport = send_to_server
36
37
38 # ----- Transports -----
39
40 begin transports
41
42 send_to_server:
43   driver = smtp
44   allow_localhost
45   hosts = HOSTIPV4 : 127.0.0.1
46   hosts_require_tls = HOSTIPV4
47   port = PORT_D
48   tls_certificate = DIR/aux-fixed/cert2
49   tls_privatekey = DIR/aux-fixed/cert2
50   tls_require_ciphers = IDEA-CBC-MD5 \
51     ${if eq{$host_address}{127.0.0.1}{:AES256-SHA:RSA_ARCFOUR_SHA}}
52
53 # End