On Fri, 6 Jun 2025, Cyborg via Exim-users wrote:
Hi,
interessting situation:
Exim returns:
TLS session: (SSL_connect): error:0A00018A:SSL
routines::dh key too small
when connecting with s_client to that server, a wired
connection is established:
New, TLSv1.2, Cipher is AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
TLS 1.3 Cipher, but TLS 1.2 protocol => should not even
work, but it does in s_client.
Which settings are given to openssl by exim, that the
connection does not accept the tls 1.3 cipher in the tls
1.2 protocol?
I want to have those in the openssl s_client test too,
to better reproduce this.
SWAKS might also give clues.
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
