-# Exim test configuration 5601
-# OCSP stapling, client, tpda
+# Exim test configuration 5608
+# OCSP stapling, client, events
SERVER =
accept
logger:
- accept condition = ${if !eq {msg} {${listextract{1}{$tpda_event}}}}
+ accept condition = ${if !eq {msg} {${listextract{1}{$event_name}}}}
warn logwrite = client ocsp status: $tls_out_ocsp \
(${listextract {${eval:$tls_out_ocsp+1}} \
{notreq:notresp:vfynotdone:failed:verified}})
hosts = HOSTIPV4
port = PORT_D
tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem
+ tls_verify_cert_hostnames =
hosts_require_tls = *
hosts_request_ocsp = :
headers_add = X-TLS-out: ocsp status $tls_out_ocsp
- tpda_event_action = ${acl {logger}}
+ event_action = ${acl {logger}}
# norequire: request stapling but do not verify
send_to_server2:
hosts = HOSTIPV4
port = PORT_D
tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem
+ tls_verify_cert_hostnames =
hosts_require_tls = *
# note no ocsp mention here
headers_add = X-TLS-out: ocsp status $tls_out_ocsp
- tpda_event_action = ${acl {logger}}
+ event_action = ${acl {logger}}
# (any other name): request and verify
send_to_server3:
port = PORT_D
helo_data = helo.data.changed
tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem
+ tls_verify_cert_hostnames =
hosts_require_tls = *
hosts_require_ocsp = *
headers_add = X-TLS-out: ocsp status $tls_out_ocsp
- tpda_event_action = ${acl {logger}}
+ event_action = ${acl {logger}}
# (any other name): request and verify, ssl-on-connect
send_to_server4:
port = PORT_D
helo_data = helo.data.changed
tls_verify_certificates = DIR/aux-fixed/exim-ca/example.com/CA/CA.pem
+ tls_verify_cert_hostnames =
protocol = smtps
hosts_require_tls = *
hosts_require_ocsp = *
headers_add = X-TLS-out: ocsp status $tls_out_ocsp
- tpda_event_action = ${acl {logger}}
+ event_action = ${acl {logger}}
# ----- Retry -----