TLS: Increase RSA keysize of autogen selfsign cert
[users/jgh/exim.git] / test / confs / 4061
1 # test config 4061
2 # Pipelining the early part of the SMTP conversation, tls-on-connect
3
4 CONTROL=*
5
6 keep_environment = PATH
7 exim_path = EXIM_PATH
8 host_lookup_order = bydns
9 spool_directory = DIR/spool
10
11 .ifdef SERVER
12 log_file_path = DIR/spool/log/SERVER%slog
13 .else
14 log_file_path = DIR/spool/log/%slog
15 .endif
16
17 gecos_pattern = ""
18 gecos_name = CALLER_NAME
19 dns_cname_loops = 9
20 chunking_advertise_hosts =
21 tls_on_connect_ports = PORT_D
22 tls_advertise_hosts = *
23 tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
24
25 # Avoid ECDHE key-exchange so that we can wireshark-decode
26 .ifdef _HAVE_GNUTLS
27 tls_require_ciphers = NORMAL:-KX-ALL:+RSA
28 .endif
29
30 pipelining_connect_advertise_hosts = *
31 log_selector = +received_recipients +pipelining
32 queue_only
33
34 acl_smtp_rcpt = accept
35
36 #
37 begin routers
38
39 server:
40   driver =      redirect
41   condition =   ${if eq {SERVER}{server}}
42   data =        :blackhole:
43
44 client:
45   driver =      manualroute
46   route_data =  127.0.0.1
47   self =        send
48   transport =   smtp
49
50 #
51 begin transports
52
53 smtp:
54   driver =              smtp
55   hosts_pipe_connect =  CONTROL
56   protocol =            smtps
57   port =                PORT_D
58   tls_verify_hosts =
59   tls_try_verify_hosts =
60