phoenixsagar:
> For one host, certificate verification is failing randomly. I want to monitor
> that particular host.
> Specifically, I want the depth and subject of the certificate that it is
> marking as expired.
> I have gone through pcaps but all certificates at that time are fine.
>
> So I want debug logs enabled for particular host. This log line will be
> dumped in log level 2. Currently I am not seeing this log line unless I go
> for general log level 4 option.
>
> Can you suggest a configuration for this use case?

debug_peer logging is specific to client name or IP address, not
applicable to TLS.

tls_loglevel is applicable to TLS, not specific to client name or
IP address.

Options:

- Set up an smtpd process (in master.cf) on a different IP
  address or TCP Port and have the client connect to that.

- Same, but use an IP firewall redirect route to redirect that client
  to the different TCP Port.

        Wietse
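
An added example, not part of Wietse's reply: a master.cf entry for the first option, with the TLS log level raised for that one service only. The port 10025, the syslog_name label and the client address 192.0.2.10 are assumptions chosen for illustration.

```conf
# master.cf: extra smtpd listener used only by the host under investigation.
# Port 10025 and the syslog_name value are illustrative assumptions.
# -o overrides apply to this service only; main.cf settings are unchanged.
#
# service  type  private unpriv  chroot  wakeup  maxproc command + args
10025      inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/tlsdebug
  -o smtpd_tls_loglevel=2

# Second option (firewall redirect), shown as a comment because it is a
# shell command, not master.cf syntax. 192.0.2.10 is a placeholder for the
# client's address; the client keeps connecting to port 25.
#
#   iptables -t nat -A PREROUTING -p tcp -s 192.0.2.10 --dport 25 \
#       -j REDIRECT --to-ports 10025
```

Run `postfix reload` after editing master.cf. Log lines from this listener carry the postfix/tlsdebug prefix, so they can be filtered apart from the regular port 25 traffic.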