> On Sat, Oct 31, 2015 at 04:10:33PM +0530, hyndavirap...@bel.co.in wrote: > >> tls_policy file contains: >> >> [201.123.80.173]:25 encrypt match=AHQserver > > Is the name in the certificate really not fully-qualified? The > "encrypt" policy does not entail certificate verification. > Try: > > [201.123.80.173]:25 secure match=AHQserver > >> transport map details are as follows >> >> AHQ.tcs.mil.example relay:[201.123.80.173]:25 > > That's fine. > >> Subject: C=Example, ST=karnataka, O=bel, OU=crl, >> CN=AHQserver/emailAddress=ahqserver_smtp_ad...@tcs.mil.example > > Is there a subjectAlternativeName extension in the certificate? > > When DNS names are present in the SAN extension, the subject > CommonName is ignored. > > -- > Viktor. >
Thanks for the reply... by changing following line of tls_policy [201.123.80.173]:25 encrypt match=AHQserver with [201.123.80.173]:25 secure match=AHQserver solved my problem. thank you so much... -- hyndavi Every 3000 Sheets of paper costs us a tree.. Save trees... Conserve Trees. Don't print this email or any Files unless you really need to!!!! Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Bharat Electronics or supp...@bel.co.in immediately and destroy all copies of this message and any attachments.
