I need to temporarily allow TLS1.0 and TLS1.1 in exim for a customer using an older email-client. When I set
in /etc/exim.variables.conf.custom and run
/etc/exim.variables.conf is updated with the edited openssl_options variable, but when I check for a mail certificate on https://ssl-tools.net/mailservers , TLS1.0 and TLS1.1 are still not allowed.
The server is running Debian 9 and the latest Directadmin, CB and exim_conf versions.
Anything I'm forgetting?
edit: if I set
only TLSv1.2 is enabled. I can disable TLSv1.2 and it shows on the testing website, but enabling older TLS versions doesn't seem to work.
Code:
openssl_options=+no_sslv2 +no_sslv3
in /etc/exim.variables.conf.custom and run
Code:
./build update
./build exim_conf
/etc/exim.variables.conf is updated with the edited openssl_options variable, but when I check for a mail certificate on https://ssl-tools.net/mailservers , TLS1.0 and TLS1.1 are still not allowed.
The server is running Debian 9 and the latest Directadmin, CB and exim_conf versions.
Anything I'm forgetting?
edit: if I set
Code:
openssl_options=+all
only TLSv1.2 is enabled. I can disable TLSv1.2 and it shows on the testing website, but enabling older TLS versions doesn't seem to work.
Last edited: