Commit | Line | Data |
---|---|---|
dc9c8f8b | 1 | ### No certificate, certificate required |
54c5ebb1 PH |
2 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected |
3 | ??? 220 | |
4 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
5 | >>> ehlo rhu.barb | |
6 | ??? 250- | |
7 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
8 | ??? 250- | |
9 | <<< 250-SIZE 52428800 | |
10 | ??? 250- | |
5b456975 JH |
11 | <<< 250-8BITMIME |
12 | ??? 250- | |
54c5ebb1 PH |
13 | <<< 250-PIPELINING |
14 | ??? 250- | |
15 | <<< 250-STARTTLS | |
16 | ??? 250 | |
17 | <<< 250 HELP | |
18 | >>> starttls | |
19 | ??? 220 | |
20 | <<< 220 TLS go ahead | |
21 | Attempting to start TLS | |
12373afb | 22 | pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:[...]:SSL alert number 40 |
54c5ebb1 PH |
23 | Failed to start TLS |
24 | End of script | |
dc9c8f8b | 25 | ### No certificate, certificate optional at TLS time, required by ACL |
54c5ebb1 PH |
26 | Connecting to 127.0.0.1 port 1225 ... connected |
27 | ??? 220 | |
28 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
29 | >>> ehlo rhu.barb | |
30 | ??? 250- | |
31 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
32 | ??? 250- | |
33 | <<< 250-SIZE 52428800 | |
34 | ??? 250- | |
5b456975 JH |
35 | <<< 250-8BITMIME |
36 | ??? 250- | |
54c5ebb1 PH |
37 | <<< 250-PIPELINING |
38 | ??? 250- | |
39 | <<< 250-STARTTLS | |
40 | ??? 250 | |
41 | <<< 250 HELP | |
42 | >>> starttls | |
43 | ??? 220 | |
44 | <<< 220 TLS go ahead | |
45 | Attempting to start TLS | |
ce25e298 | 46 | SSL connection using ke-RSA-AES256-SHA |
54c5ebb1 PH |
47 | Succeeded in starting TLS |
48 | >>> helo rhu.barb | |
49 | ??? 250 | |
50 | <<< 250 myhost.test.ex Hello rhu.barb [127.0.0.1] | |
51 | >>> mail from:<userx@test.ex> | |
52 | ??? 250 | |
53 | <<< 250 OK | |
54 | >>> rcpt to:<userx@test.ex> | |
55 | ??? 550 | |
56 | <<< 550 certificate not verified: peerdn= | |
57 | >>> quit | |
58 | ??? 221 | |
59 | <<< 221 myhost.test.ex closing connection | |
60 | End of script | |
dc9c8f8b | 61 | ### Good certificate, certificate required |
54c5ebb1 | 62 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected |
dc9c8f8b JH |
63 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem |
64 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
54c5ebb1 PH |
65 | ??? 220 |
66 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
67 | >>> ehlo rhu.barb | |
68 | ??? 250- | |
69 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
70 | ??? 250- | |
71 | <<< 250-SIZE 52428800 | |
72 | ??? 250- | |
5b456975 JH |
73 | <<< 250-8BITMIME |
74 | ??? 250- | |
54c5ebb1 PH |
75 | <<< 250-PIPELINING |
76 | ??? 250- | |
77 | <<< 250-STARTTLS | |
78 | ??? 250 | |
79 | <<< 250 HELP | |
80 | >>> starttls | |
81 | ??? 220 | |
82 | <<< 220 TLS go ahead | |
83 | Attempting to start TLS | |
ce25e298 | 84 | SSL connection using ke-RSA-AES256-SHA |
54c5ebb1 PH |
85 | Succeeded in starting TLS |
86 | >>> mail from:<userx@test.ex> | |
87 | ??? 250 | |
88 | <<< 250 OK | |
89 | >>> rcpt to:<userx@test.ex> | |
90 | ??? 250 | |
91 | <<< 250 Accepted | |
92 | >>> quit | |
93 | ??? 221 | |
94 | <<< 221 myhost.test.ex closing connection | |
95 | End of script | |
dc9c8f8b | 96 | ### Good certificate, certificate optional at TLS time, checked by ACL |
54c5ebb1 | 97 | Connecting to 127.0.0.1 port 1225 ... connected |
dc9c8f8b JH |
98 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem |
99 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
54c5ebb1 PH |
100 | ??? 220 |
101 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
102 | >>> ehlo rhu.barb | |
103 | ??? 250- | |
104 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
105 | ??? 250- | |
106 | <<< 250-SIZE 52428800 | |
107 | ??? 250- | |
5b456975 JH |
108 | <<< 250-8BITMIME |
109 | ??? 250- | |
54c5ebb1 PH |
110 | <<< 250-PIPELINING |
111 | ??? 250- | |
112 | <<< 250-STARTTLS | |
113 | ??? 250 | |
114 | <<< 250 HELP | |
115 | >>> starttls | |
116 | ??? 220 | |
117 | <<< 220 TLS go ahead | |
118 | Attempting to start TLS | |
ce25e298 | 119 | SSL connection using ke-RSA-AES256-SHA |
54c5ebb1 PH |
120 | Succeeded in starting TLS |
121 | >>> mail from:<userx@test.ex> | |
122 | ??? 250 | |
123 | <<< 250 OK | |
124 | >>> rcpt to:<userx@test.ex> | |
125 | ??? 250 | |
126 | <<< 250 Accepted | |
127 | >>> quit | |
128 | ??? 221 | |
129 | <<< 221 myhost.test.ex closing connection | |
130 | End of script | |
dc9c8f8b | 131 | ### Bad certificate, certificate required |
54c5ebb1 | 132 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected |
dc9c8f8b JH |
133 | Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem |
134 | Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key | |
54c5ebb1 PH |
135 | ??? 220 |
136 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
137 | >>> ehlo rhu.barb | |
138 | ??? 250- | |
139 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
140 | ??? 250- | |
141 | <<< 250-SIZE 52428800 | |
142 | ??? 250- | |
5b456975 JH |
143 | <<< 250-8BITMIME |
144 | ??? 250- | |
54c5ebb1 PH |
145 | <<< 250-PIPELINING |
146 | ??? 250- | |
147 | <<< 250-STARTTLS | |
148 | ??? 250 | |
149 | <<< 250 HELP | |
150 | >>> starttls | |
151 | ??? 220 | |
152 | <<< 220 TLS go ahead | |
153 | Attempting to start TLS | |
12373afb | 154 | pppp:error:dddddddd:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:[...]:SSL alert number 48 |
54c5ebb1 PH |
155 | Failed to start TLS |
156 | End of script | |
dc9c8f8b | 157 | ### Bad certificate, certificate optional at TLS time, reject at ACL time |
54c5ebb1 | 158 | Connecting to 127.0.0.1 port 1225 ... connected |
dc9c8f8b JH |
159 | Certificate file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.chain.pem |
160 | Key file = aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key | |
54c5ebb1 PH |
161 | ??? 220 |
162 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
163 | >>> ehlo rhu.barb | |
164 | ??? 250- | |
165 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
166 | ??? 250- | |
167 | <<< 250-SIZE 52428800 | |
168 | ??? 250- | |
5b456975 JH |
169 | <<< 250-8BITMIME |
170 | ??? 250- | |
54c5ebb1 PH |
171 | <<< 250-PIPELINING |
172 | ??? 250- | |
173 | <<< 250-STARTTLS | |
174 | ??? 250 | |
175 | <<< 250 HELP | |
176 | >>> starttls | |
177 | ??? 220 | |
178 | <<< 220 TLS go ahead | |
179 | Attempting to start TLS | |
ce25e298 | 180 | SSL connection using ke-RSA-AES256-SHA |
54c5ebb1 PH |
181 | Succeeded in starting TLS |
182 | >>> mail from:<userx@test.ex> | |
183 | ??? 250 | |
184 | <<< 250 OK | |
185 | >>> rcpt to:<userx@test.ex> | |
54c5ebb1 | 186 | ??? 550 |
dc9c8f8b | 187 | <<< 550 certificate not verified: peerdn=/CN=server1.example.net |
54c5ebb1 PH |
188 | >>> quit |
189 | ??? 221 | |
190 | <<< 221 myhost.test.ex closing connection | |
191 | End of script | |
dc9c8f8b | 192 | ### Otherwise good but revoked certificate, certificate required |
54c5ebb1 | 193 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected |
dc9c8f8b JH |
194 | Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem |
195 | Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key | |
54c5ebb1 PH |
196 | ??? 220 |
197 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
198 | >>> ehlo rhu.barb | |
199 | ??? 250- | |
200 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
201 | ??? 250- | |
202 | <<< 250-SIZE 52428800 | |
203 | ??? 250- | |
5b456975 JH |
204 | <<< 250-8BITMIME |
205 | ??? 250- | |
54c5ebb1 PH |
206 | <<< 250-PIPELINING |
207 | ??? 250- | |
208 | <<< 250-STARTTLS | |
209 | ??? 250 | |
210 | <<< 250 HELP | |
211 | >>> starttls | |
212 | ??? 220 | |
213 | <<< 220 TLS go ahead | |
214 | Attempting to start TLS | |
12373afb | 215 | pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert certificate revoked:[...]:SSL alert number 44 |
54c5ebb1 PH |
216 | Failed to start TLS |
217 | End of script | |
dc9c8f8b | 218 | ### Revoked certificate, certificate optional at TLS time, reject at ACL time |
54c5ebb1 | 219 | Connecting to 127.0.0.1 port 1225 ... connected |
dc9c8f8b JH |
220 | Certificate file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.chain.pem |
221 | Key file = aux-fixed/exim-ca/example.com/revoked1.example.com/revoked1.example.com.unlocked.key | |
54c5ebb1 PH |
222 | ??? 220 |
223 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
224 | >>> ehlo rhu.barb | |
225 | ??? 250- | |
226 | <<< 250-myhost.test.ex Hello rhu.barb [127.0.0.1] | |
227 | ??? 250- | |
228 | <<< 250-SIZE 52428800 | |
229 | ??? 250- | |
5b456975 JH |
230 | <<< 250-8BITMIME |
231 | ??? 250- | |
54c5ebb1 PH |
232 | <<< 250-PIPELINING |
233 | ??? 250- | |
234 | <<< 250-STARTTLS | |
235 | ??? 250 | |
236 | <<< 250 HELP | |
237 | >>> starttls | |
238 | ??? 220 | |
239 | <<< 220 TLS go ahead | |
240 | Attempting to start TLS | |
ce25e298 | 241 | SSL connection using ke-RSA-AES256-SHA |
54c5ebb1 PH |
242 | Succeeded in starting TLS |
243 | >>> mail from:<userx@test.ex> | |
244 | ??? 250 | |
245 | <<< 250 OK | |
246 | >>> rcpt to:<userx@test.ex> | |
54c5ebb1 | 247 | ??? 550 |
dc9c8f8b | 248 | <<< 550 certificate not verified: peerdn=/CN=revoked1.example.com |
54c5ebb1 PH |
249 | >>> quit |
250 | ??? 221 | |
251 | <<< 221 myhost.test.ex closing connection | |
252 | End of script | |
dc9c8f8b JH |
253 | ### Good certificate, certificate required - but nonmatching CRL also present |
254 | Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected | |
255 | Certificate file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.chain.pem | |
256 | Key file = aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key | |
257 | ??? 220 | |
258 | <<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000 | |
259 | >>> ehlo rhu.barb | |
260 | ??? 250- | |
261 | <<< 250-myhost.test.ex Hello rhu.barb [ip4.ip4.ip4.ip4] | |
262 | ??? 250- | |
263 | <<< 250-SIZE 52428800 | |
264 | ??? 250- | |
265 | <<< 250-8BITMIME | |
266 | ??? 250- | |
267 | <<< 250-PIPELINING | |
268 | ??? 250- | |
269 | <<< 250-STARTTLS | |
270 | ??? 250 | |
271 | <<< 250 HELP | |
272 | >>> starttls | |
273 | ??? 220 | |
274 | <<< 220 TLS go ahead | |
275 | Attempting to start TLS | |
276 | SSL connection using ke-RSA-AES256-SHA | |
277 | Succeeded in starting TLS | |
278 | >>> mail from:<userx@test.ex> | |
279 | ??? 250 | |
280 | <<< 250 OK | |
281 | >>> rcpt to:<userx@test.ex> | |
282 | ??? 250 | |
283 | <<< 250 Accepted | |
284 | >>> quit | |
285 | ??? 221 | |
286 | <<< 221 myhost.test.ex closing connection | |
287 | End of script | |
288 | ||
289 | ******** SERVER ******** | |
290 | ### No certificate, certificate required | |
291 | ### No certificate, certificate optional at TLS time, required by ACL | |
292 | ### Good certificate, certificate required | |
293 | ### Good certificate, certificate optional at TLS time, checked by ACL | |
294 | ### Bad certificate, certificate required | |
295 | ### Bad certificate, certificate optional at TLS time, reject at ACL time | |
296 | ### Otherwise good but revoked certificate, certificate required | |
297 | ### Revoked certificate, certificate optional at TLS time, reject at ACL time | |
298 | ### Good certificate, certificate required - but nonmatching CRL also present |