Re: [Exim] [SSL/TLS] Howto needed

Top Pagina
Delete this message
Reply to this message
Auteur: Xander D Harkness
Datum:  
Aan: 'Exim-User'
Onderwerp: Re: [Exim] [SSL/TLS] Howto needed
Yann Golanski wrote:

>Quoth Thomas Baumann on Wed, Jul 10, 2002 at 10:58:45 +0200
>
>
>>Is there anybody who can give me a howto
>>to setup exim with tls/ssl correctly, i.e.
>>
>>
>
>Yes.
>
>
>
>>step by step
>>
>>
>
> su -
> cd $EXIM_HOME
> vim Local/Makefile <- edit in all the SSL options.
> make install
> less docs/exim.spec
> vim $EXIM_INSTALL/exim.configuration
> exim -d 9 -b[th] [foo/127.0.0.1]
>
>Last time I looked at it, I set it up just following the instructions
>in the documentation to the letter and things worked fine for me. I even
>tested it using TCPdump and all the packets were encrypted indeed --
>which is what you want really.
>
>

You will also need a certificate if you want it to act as a server for
relaying messages to etc.

These may be created by doing the following all on one line:


openssl req -x509 -newkey rsa:1024 -keyout /etc/eximcert -out /etc/eximcert -days 9999 -nodes


It creates a certificate at /etc/eximcert for the mail server to use.

You also need a couple of things in the exim.conf file to tell exim to
use it:

tls_certificate = /etc/eximcert
tls_privatekey = /etc/eximcert
tls_advertise_hosts = *

After restarting exim it should tell everyone that it can use TLS. Exim
will use TLS by default if it is there.

Do have a look through the manual - it is very good. Have a look for
certificates, TLS etc.

http://www.exim.org/exim-html-4.00/doc/html/spec_toc.html#TOC200

Cheers
Xander