01-03-2022 08:07 AM
Hi,
Just want a clarification on the option "Verify Client certificate" under TLS / Preferred (or Required).
When I choose Prefered and Verify Client certificate, what is done is the background?
I understand that the ESA acts as a server when receiving a connection from a remote MTA (client), so it has nothing to verify the client certificate...
Does it mean that the ESA connects back to the remote MTA and check its "server" certificate?
And what is checked? Signed by Trusted CA, Date and CN?
Thanks for the help
Solved! Go to Solution.
01-03-2022 11:05 AM
01-03-2022 08:24 AM
01-03-2022 10:52 AM
Hi Ken,
Actually I was thinking off TLS settings in the Mail Flow Policy (not in destination controls).
You can choose, Prefered, Required and there is a "Verifiy Client certificate" option
But don't understand how it works in this situation since the ESA acts as a server in this case..
01-03-2022 11:05 AM
01-03-2022 02:53 PM
So this means it is not possible to check the remote MTA certificate when it connects to the ESA?
01-03-2022 03:12 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide