Commit | Line | Data |
---|---|---|
fd3cf789 JH |
1 | ### No certificate, certificate required |
2 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
3 | ??? 220 | |
4 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
5 | >>> ehlo rhu.barb | |
6 | ??? 250- | |
7 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
8 | ??? 250- | |
9 | <<< 250-SIZE 52428800 | |
10 | ??? 250- | |
11 | <<< 250-8BITMIME | |
12 | ??? 250- | |
13 | <<< 250-PIPELINING | |
14 | ??? 250- | |
15 | <<< 250-STARTTLS | |
16 | ??? 250 | |
17 | <<< 250 HELP | |
18 | >>> starttls | |
19 | ??? 220 | |
20 | <<< 220 TLS go ahead | |
21 | Attempting to start TLS | |
fd3cf789 JH |
22 | Succeeded in starting TLS |
23 | >>> noop | |
24 | ????554 Security failure | |
25 | error:dddddddd:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required | |
26 | TLS terminated | |
27 | >>> noop | |
28 | ??? 554 Security failure | |
29 | <<< 554 Security failure | |
30 | >>> quit | |
31 | ????554 Security failure | |
32 | ????221 | |
33 | ???* | |
34 | Expected EOF read | |
35 | End of script | |
36 | ### No certificate, certificate optional at TLS time, required by ACL | |
37 | Connecting to 127.0.0.1 port 1225 ... connected | |
38 | ??? 220 | |
39 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
40 | >>> ehlo rhu.barb | |
41 | ??? 250- | |
42 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
43 | ??? 250- | |
44 | <<< 250-SIZE 52428800 | |
45 | ??? 250- | |
46 | <<< 250-8BITMIME | |
47 | ??? 250- | |
48 | <<< 250-PIPELINING | |
49 | ??? 250- | |
50 | <<< 250-STARTTLS | |
51 | ??? 250 | |
52 | <<< 250 HELP | |
53 | >>> starttls | |
54 | ??? 220 | |
55 | <<< 220 TLS go ahead | |
56 | Attempting to start TLS | |
fd3cf789 JH |
57 | Succeeded in starting TLS |
58 | >>> helo rhu.barb | |
59 | ??? 250 | |
60 | <<< 250 myhost.test.ex Hello rhu.barb [127.0.0.1] | |
61 | >>> mail from:<userx@test.ex> | |
62 | ??? 250 | |
63 | <<< 250 OK | |
64 | >>> rcpt to:<userx@test.ex> | |
65 | ??? 550 | |
66 | <<< 550 certificate not verified: peerdn= | |
67 | >>> quit | |
68 | ??? 221 | |
69 | <<< 221 myhost.test.ex closing connection | |
70 | End of script | |
71 | ### Good certificate, certificate required | |
72 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
73 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
74 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
75 | ??? 220 | |
76 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
77 | >>> ehlo rhu.barb | |
78 | ??? 250- | |
79 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
80 | ??? 250- | |
81 | <<< 250-SIZE 52428800 | |
82 | ??? 250- | |
83 | <<< 250-8BITMIME | |
84 | ??? 250- | |
85 | <<< 250-PIPELINING | |
86 | ??? 250- | |
87 | <<< 250-STARTTLS | |
88 | ??? 250 | |
89 | <<< 250 HELP | |
90 | >>> starttls | |
91 | ??? 220 | |
92 | <<< 220 TLS go ahead | |
93 | Attempting to start TLS | |
fd3cf789 JH |
94 | Succeeded in starting TLS |
95 | >>> mail from:<userx@test.ex> | |
96 | ??? 250 | |
97 | <<< 250 OK | |
98 | >>> rcpt to:<userx@test.ex> | |
99 | ??? 250 | |
100 | <<< 250 Accepted | |
101 | >>> quit | |
102 | ??? 221 | |
103 | <<< 221 myhost.test.ex closing connection | |
104 | End of script | |
105 | ### Good certificate, certificate optional at TLS time, checked by ACL | |
106 | Connecting to 127.0.0.1 port 1225 ... connected | |
107 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
108 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
109 | ??? 220 | |
110 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
111 | >>> ehlo rhu.barb | |
112 | ??? 250- | |
113 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
114 | ??? 250- | |
115 | <<< 250-SIZE 52428800 | |
116 | ??? 250- | |
117 | <<< 250-8BITMIME | |
118 | ??? 250- | |
119 | <<< 250-PIPELINING | |
120 | ??? 250- | |
121 | <<< 250-STARTTLS | |
122 | ??? 250 | |
123 | <<< 250 HELP | |
124 | >>> starttls | |
125 | ??? 220 | |
126 | <<< 220 TLS go ahead | |
127 | Attempting to start TLS | |
fd3cf789 JH |
128 | Succeeded in starting TLS |
129 | >>> mail from:<userx@test.ex> | |
130 | ??? 250 | |
131 | <<< 250 OK | |
132 | >>> rcpt to:<userx@test.ex> | |
133 | ??? 250 | |
134 | <<< 250 Accepted | |
135 | >>> quit | |
136 | ??? 221 | |
137 | <<< 221 myhost.test.ex closing connection | |
138 | End of script | |
139 | ### Bad certificate, certificate required | |
140 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
141 | Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem | |
142 | Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key | |
143 | ??? 220 | |
144 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
145 | >>> ehlo rhu.barb | |
146 | ??? 250- | |
147 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
148 | ??? 250- | |
149 | <<< 250-SIZE 52428800 | |
150 | ??? 250- | |
151 | <<< 250-8BITMIME | |
152 | ??? 250- | |
153 | <<< 250-PIPELINING | |
154 | ??? 250- | |
155 | <<< 250-STARTTLS | |
156 | ??? 250 | |
157 | <<< 250 HELP | |
158 | >>> starttls | |
159 | ??? 220 | |
160 | <<< 220 TLS go ahead | |
161 | Attempting to start TLS | |
fd3cf789 JH |
162 | Succeeded in starting TLS |
163 | >>> noop | |
164 | ????554 Security failure | |
165 | error:dddddddd:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca | |
166 | TLS terminated | |
167 | >>> noop | |
168 | ??? 554 Security failure | |
169 | <<< 554 Security failure | |
170 | End of script | |
171 | ### Bad certificate, certificate optional at TLS time, reject at ACL time | |
172 | Connecting to 127.0.0.1 port 1225 ... connected | |
173 | Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem | |
174 | Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key | |
175 | ??? 220 | |
176 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
177 | >>> ehlo rhu.barb | |
178 | ??? 250- | |
179 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
180 | ??? 250- | |
181 | <<< 250-SIZE 52428800 | |
182 | ??? 250- | |
183 | <<< 250-8BITMIME | |
184 | ??? 250- | |
185 | <<< 250-PIPELINING | |
186 | ??? 250- | |
187 | <<< 250-STARTTLS | |
188 | ??? 250 | |
189 | <<< 250 HELP | |
190 | >>> starttls | |
191 | ??? 220 | |
192 | <<< 220 TLS go ahead | |
193 | Attempting to start TLS | |
fd3cf789 JH |
194 | Succeeded in starting TLS |
195 | >>> mail from:<userx@test.ex> | |
196 | ??? 250 | |
197 | <<< 250 OK | |
198 | >>> rcpt to:<userx@test.ex> | |
199 | ??? 550 | |
200 | <<< 550 certificate not verified: peerdn=/CN=server1.example.net | |
201 | >>> quit | |
202 | ??? 221 | |
203 | <<< 221 myhost.test.ex closing connection | |
204 | End of script | |
205 | ### Otherwise good but revoked certificate, certificate required | |
206 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
207 | Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem | |
208 | Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key | |
209 | ??? 220 | |
210 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
211 | >>> ehlo rhu.barb | |
212 | ??? 250- | |
213 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
214 | ??? 250- | |
215 | <<< 250-SIZE 52428800 | |
216 | ??? 250- | |
217 | <<< 250-8BITMIME | |
218 | ??? 250- | |
219 | <<< 250-PIPELINING | |
220 | ??? 250- | |
221 | <<< 250-STARTTLS | |
222 | ??? 250 | |
223 | <<< 250 HELP | |
224 | >>> starttls | |
225 | ??? 220 | |
226 | <<< 220 TLS go ahead | |
227 | Attempting to start TLS | |
fd3cf789 JH |
228 | Succeeded in starting TLS |
229 | >>> noop | |
230 | ????554 Security failure | |
231 | error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert certificate revoked | |
232 | TLS terminated | |
233 | >>> noop | |
234 | ??? 554 Security failure | |
235 | <<< 554 Security failure | |
236 | End of script | |
237 | ### Revoked certificate, certificate optional at TLS time, reject at ACL time | |
238 | Connecting to 127.0.0.1 port 1225 ... connected | |
239 | Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem | |
240 | Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key | |
241 | ??? 220 | |
242 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
243 | >>> ehlo rhu.barb | |
244 | ??? 250- | |
245 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
246 | ??? 250- | |
247 | <<< 250-SIZE 52428800 | |
248 | ??? 250- | |
249 | <<< 250-8BITMIME | |
250 | ??? 250- | |
251 | <<< 250-PIPELINING | |
252 | ??? 250- | |
253 | <<< 250-STARTTLS | |
254 | ??? 250 | |
255 | <<< 250 HELP | |
256 | >>> starttls | |
257 | ??? 220 | |
258 | <<< 220 TLS go ahead | |
259 | Attempting to start TLS | |
fd3cf789 JH |
260 | Succeeded in starting TLS |
261 | >>> mail from:<userx@test.ex> | |
262 | ??? 250 | |
263 | <<< 250 OK | |
264 | >>> rcpt to:<userx@test.ex> | |
265 | ??? 550 | |
266 | <<< 550 certificate not verified: peerdn=/CN=revoked1.example.com | |
267 | >>> quit | |
268 | ??? 221 | |
269 | <<< 221 myhost.test.ex closing connection | |
270 | End of script | |
271 | ### Good certificate, certificate required - but nonmatching CRL also present | |
272 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
273 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
274 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
275 | ??? 220 | |
276 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
277 | >>> ehlo rhu.barb | |
278 | ??? 250- | |
279 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
280 | ??? 250- | |
281 | <<< 250-SIZE 52428800 | |
282 | ??? 250- | |
283 | <<< 250-8BITMIME | |
284 | ??? 250- | |
285 | <<< 250-PIPELINING | |
286 | ??? 250- | |
287 | <<< 250-STARTTLS | |
288 | ??? 250 | |
289 | <<< 250 HELP | |
290 | >>> starttls | |
291 | ??? 220 | |
292 | <<< 220 TLS go ahead | |
293 | Attempting to start TLS | |
fd3cf789 JH |
294 | Succeeded in starting TLS |
295 | >>> mail from:<userx@test.ex> | |
296 | ??? 250 | |
297 | <<< 250 OK | |
298 | >>> rcpt to:<userx@test.ex> | |
299 | ??? 250 | |
300 | <<< 250 Accepted | |
301 | >>> quit | |
302 | ??? 221 | |
303 | <<< 221 myhost.test.ex closing connection | |
304 | End of script | |
305 | ||
306 | ******** SERVER ******** | |
307 | ### No certificate, certificate required | |
308 | ### No certificate, certificate optional at TLS time, required by ACL | |
309 | ### Good certificate, certificate required | |
310 | ### Good certificate, certificate optional at TLS time, checked by ACL | |
311 | ### Bad certificate, certificate required | |
312 | ### Bad certificate, certificate optional at TLS time, reject at ACL time | |
313 | ### Otherwise good but revoked certificate, certificate required | |
314 | ### Revoked certificate, certificate optional at TLS time, reject at ACL time | |
315 | ### Good certificate, certificate required - but nonmatching CRL also present |