Re: [exim] Exim Retaining Non-Existant SSL Certificates

Góra strony
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
Dla: exim users
Temat: Re: [exim] Exim Retaining Non-Existant SSL Certificates
Graham Christensen wrote:
> Interesting results (sorry for the long delay, went on a short trip.)
>
> I've checked the contents of my .crt and my .key, and verified that they
> belong together. I have all but tls_remember_esmtp and
> auth_advertise_hosts - should I try adding them?


You may want the check the pros and cosn (in docs) of tls_remember-esmtp

But auth_advertise_hosts is a 'must have' for most installations.

For one thing, some of us need it to list *exemptions*, in my case a
hot-standby that has the same cert as the 'duty' machine.

> I've verified that
> there aren't any other MTAs running on the system.
>
> I once stopped Exim, verified all the processes are gone, started it,
> connected, and the proper SSL certificate is used - but then after a
> moment, the old one comes back.
>


Weird.

Are you sure you are looking at Exim in all cases, and not a POP/IMAP cert?

NB: I happen to use the same cert, but they are actually independent.


> Any thoughts?
> Graham Christensen
>


Could you be running two instances - one on the external IP/port, one
not? (i.e. don't test from the CLI - test from the 'outside' with SWAKS
or such).

Bill