Re: [exim] Exim Retaining Non-Existant SSL Certificates

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Phil Pennock
Date:  
À: exim-users
Sujet: Re: [exim] Exim Retaining Non-Existant SSL Certificates
On 2008-03-29 at 00:18 -0400, Graham Christensen wrote:
> Alright, I just ran the command to ssl'ize the connection, and the
> certificate being used is the incorrect one, with the old information
> (also expired at this point.) I'm not sure on how exactly to debug this,
> seeing as the SSL certificate *is* correct.


Are you connecting to a service name instead of a hostname, is it
currently pointed at the correct host?

Which Exim is running, does "exim -bV" list the same configuration file
you're looking at? Does a "warn logwrite = Hello world" at the start of
an ACL (RCPT, whatever) actually get used? If not, are you sending a
HUP to the listening daemon or to someplace else?

If you cut & paste exactly the TLS certificate path from Exim into a
command-line "openssl x509 -noout -text -in paste_here" do you see the
old certificate?

Do you have anything running inside a chroot or jail environment? Are
you accounting for that with the pathnames?

-Phil