exim4:tls
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| exim4:tls [2016/11/30 12:17] – peter | exim4:tls [2020/07/15 09:30] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Exim4 - TLS ====== | ====== Exim4 - TLS ====== | ||
| - | |||
| - | Generate your keys. | ||
| - | |||
| - | first switch to cd /etc | ||
| ===== Generate a 1024-bit RSA key ===== | ===== Generate a 1024-bit RSA key ===== | ||
| Line 15: | Line 11: | ||
| <code bash> | <code bash> | ||
| - | openssl dhparam -out exim.dhparam | + | openssl dhparam -out exim.dhparam 1024 |
| </ | </ | ||
| Line 47: | Line 43: | ||
| </ | </ | ||
| - | #************************ | + | <WRAP info> |
| + | If tls_dhparam is set, the SSL library is initialized for the use of Diffie-Hellman ciphers with the parameters contained in the file. Set this to none to disable use of DH entirely, by making no prime available: | ||
| + | </ | ||
| + | |||
| + | <WRAP info> | ||
| + | The ciphers could be set as something like: | ||
| + | |||
| + | < | ||
| + | tls_require_ciphers = ${if =={$received_port}{25}\ | ||
| + | | ||
| + | | ||
| + | </ | ||
| + | |||
| + | # Use this command to check the ciphers that openssl supports: | ||
| + | |||
| + | <code bash> | ||
| + | openssl ciphers ' | ||
| + | </ | ||
| + | </ | ||
| + | ===== Logging ===== | ||
| During run-time mainlog entries showing TLS: | During run-time mainlog entries showing TLS: | ||
| Line 75: | Line 90: | ||
| # | # | ||
| - | # report | + | # Report |
| # | # | ||
| warn condition = ${if def: | warn condition = ${if def: | ||
exim4/tls.1480508243.txt.gz · Last modified: 2020/07/15 09:30 (external edit)