check_recipient:
accept hosts = :
deny hosts = HOSTIPV4
- !encrypted = AES256-SHA : \
- AES256-GCM-SHA384 : \
- AES128-GCM-SHA256 : \
- IDEA-CBC-MD5 : \
- DES-CBC3-SHA : \
- DHE-RSA-AES256-SHA : \
- DHE-RSA-AES256-GCM-SHA384 : \
- DHE_RSA_AES_256_CBC_SHA1 : \
- DHE_RSA_3DES_EDE_CBC_SHA : \
- ECDHE-RSA-AES256-GCM-SHA384 : \
- ECDHE-RSA-AES128-GCM-SHA256 : \
- ECDHE-RSA-CHACHA20-POLY1305
+ !encrypted = *
warn logwrite = ${if def:tls_in_ourcert \
{Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \
{We did not present a cert}}