[exim] Uid used to access TLS-certificates

I have exim 4.44, compiled with TLS-support, and using certificates issued
by CA (not sef-signed).

Now user 'exim' seems to be used to read the certificate files.
Is there any way to make exim to read the certificates as root? Exim
executable is setuid to root, so it should be possible, I think.

This would allow me to have sertificate (and especially the key) files
readable by no one but root. Kind of security problem if they are readable
by too many users, I think.

--
TiN