X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/01a4a5c5cbaa40ca618d3e233991ce183b551477..2592e6c0eda522da0f6a33f4d32e33598288eb6e:/test/confs/2112 diff --git a/test/confs/2112 b/test/confs/2112 index 2c81e0cf3..18b2fd780 100644 --- a/test/confs/2112 +++ b/test/confs/2112 @@ -6,7 +6,6 @@ SERVER= exim_path = EXIM_PATH host_lookup_order = bydns primary_hostname = myhost.test.ex -rfc1413_query_timeout = 0s spool_directory = DIR/spool log_file_path = DIR/spool/log/SERVER%slog gecos_pattern = "" @@ -26,7 +25,7 @@ KEY2 = FX/cert2 acl_smtp_rcpt = accept -log_selector = +tls_peerdn+tls_certificate_verified +log_selector = +tls_peerdn+tls_certificate_verified +received_recipients queue_only queue_run_in_order @@ -104,6 +103,7 @@ send_to_server_failcert: tls_privatekey = CERT2 tls_verify_certificates = CA2 + tls_try_verify_hosts = tls_verify_cert_hostnames = # this will fail to verify the cert at HOSTIPV4 so fail the crypt, then retry on 127.1; ok @@ -118,6 +118,7 @@ send_to_server_retry: tls_verify_certificates = \ ${if eq{$host_address}{127.0.0.1}{CA1}{CA2}} + tls_try_verify_hosts = tls_verify_cert_hostnames = # this will fail to verify the cert but continue unverified though crypted @@ -147,8 +148,8 @@ send_to_server_req_fail: tls_verify_hosts = * tls_verify_cert_hostnames = - # this will fail to verify the cert name and fallback to unencrypted - send_to_server_req_failname: +# this will fail to verify the cert name and fallback to unencrypted +send_to_server_req_failname: driver = smtp allow_localhost hosts = HOSTIPV4 @@ -160,8 +161,8 @@ send_to_server_req_fail: tls_verify_cert_hostnames = server1.example.net : server1.example.org tls_verify_hosts = * - # this will pass the cert verify including name check - send_to_server_req_passname: +# this will pass the cert verify including name check +send_to_server_req_passname: driver = smtp allow_localhost hosts = HOSTIPV4