On 2008-03-29 at 00:18 -0400, Graham Christensen wrote: > Alright, I just ran the command to ssl'ize the connection, and the
> certificate being used is the incorrect one, with the old information
> (also expired at this point.) I'm not sure on how exactly to debug this,
> seeing as the SSL certificate *is* correct.
Are you connecting to a service name instead of a hostname, is it
currently pointed at the correct host?
Which Exim is running, does "exim -bV" list the same configuration file
you're looking at? Does a "warn logwrite = Hello world" at the start of
an ACL (RCPT, whatever) actually get used? If not, are you sending a
HUP to the listening daemon or to someplace else?
If you cut & paste exactly the TLS certificate path from Exim into a
command-line "openssl x509 -noout -text -in paste_here" do you see the
old certificate?
Do you have anything running inside a chroot or jail environment? Are
you accounting for that with the pathnames?