Re: [exim] www.rellits.com ssl tutorial worked for courier, …

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Tommy Butler at <-
MMChristian Stiller at ->
Delete this message
Reply to this message
Author: hblists
Date:  
To: Tommy Butler
CC: 
Subject: Re: [exim] www.rellits.com ssl tutorial worked for courier, butnot exim
Hi

On Tue, Dec 14, 2004 at 11:52:06PM -0600, Tommy Butler wrote:
> I made the suggested edits. But I'm still getting that error. I even
> set the perms on my ssl key and cert to 777 to make sure it wasn't a
> perms problem.
> 
>    tls_certificate = /etc/ssl/certs/smtp.pem
>    tls_privatekey = /etc/ssl/private/mail.cityairlines.net.key.nopass.pem
ok - no permission problem. 

> I go back to the server shell and the debug messages are thus:
>    ppp-70-243-209-238.dsl.rcsntx.swbell.net [70.243.209.238]
>    22040 250-SIZE 52428800
>    22040 250-PIPELINING
>    22040 250-STARTTLS
>    22040 250 HELP
>    22040 SMTP<< starttls
>    22040 initializing GnuTLS as a server
>    22040 read RSA and D-H parameters from file
>    22040 initialized RSA and D-H parameters
>    22040 certificate file = /etc/ssl/certs/smtp.pem
>    22040 key file = /etc/ssl/private/mail.cityairlines.net.key.nopass.pem
>    22040 LOG: MAIN
>    22040   TLS error on connection from
>    ppp-70-243-209-238.dsl.rcsntx.swbell.net (tommy) [70.243.209.238]
>    (cert/key setup): Error while reading file.
>    22040 SMTP>> 454 TLS currently unavailable
>    22040 SMTP<< QUIT
>    22040 SMTP>> 221 noot.cityairlines.net closing connection
>    22040 LOG: smtp_connection MAIN
>    22040   SMTP connection from
>    ppp-70-243-209-238.dsl.rcsntx.swbell.net (tommy) [70.243.209.238]
>    closed by QUIT
>    22040 search_tidyup called
>    21925 child 22040 ended: status=0x0
>    21925 0 SMTP accept processes now running
>    21925 Listening...

>
> Does this tell me anything useful? Is there anywhere to go from here?
Try to generate a new cert (with an up-to-date openssl).
You can use the exim-gencert script (/usr/share/doc/exim4-base/examples/exim-gencert).
Optionally, create also a dhparams file.
Test exim with the new certificate!


Mit freundlichen Grüßen / Best regards

Hendrik Brückner

--
Mfg / Best regards / Les meilleurs salutations
Hendrik Brückner


"Our journey toward the stars has progressed swiftly.

In 1926 Robert H. Goddard launched the first liquid-propelled rocket,
achieving an altitude of 41 feet. In 1962 John Glenn orbited the earth.

In 1969, only 66 years after Orville Wright flew two feet off the ground
for 12 seconds, Neil Armstrong, Buzz Aldrin and I rocketed to the moon
in Apollo 11."
-- Michael Collins
Former astronaut and past Director of the National Air and Space Museum


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Dynamic IP Block Lists?[exim] Generating gnutls parameters offline instead of online when receiving STARTTLS?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)