Author: James Price Date: To: Exim Users Subject: Re: [exim] Cannot establish connection from client via tls
On 5/7/2010 5:15 PM, James Brown wrote: > OS 8.0-STABLE FreeBSD , exim v. 4.71
> I am trying to customize my exim-server setting up on my vds.
> I have uncommented the next recordes in its configs:
> daemon_smtp_port = 25:465
> tls_certificate = CONFDIR/certificate.crt
> tls_privatekey = CONFDIR/certificate.key
> tls_on_connect_ports = 465
> and restarted my server.
> After that I have tried to send testing letters from my client on my
> local PC (Icedove 2.0.0.24 under Debian Lenny) but it wrote me that
> server was failed or refusing connections. (In the same time I could
> send email letters through the port n. 25 without tls/ssl).
> The log file of my server are attached.
> ls -l /usr/local/etc/server.key
> -r-------- 2 root wheel 887 Jan 1 1970 /usr/local/etc/server.key
> ls -l /usr/local/sbin/exim
> lrwxrwxrwx 1 root wheel 11 Apr 29 10:04 /usr/local/sbin/exim ->
> exim-4.71-0
> ls -l /usr/local/sbin/exim-4.71-0
> -rwsr-xr-x 2 root wheel 934792 Jan 1 1970 /usr/local/sbin/exim-4.71-0
> Does the exim daemon cannot have access to key-file?
>
> From the looks of this, it appears whatever user you're running exim
under does not have permission to open the key file, of course unless
you're running exim as root which certainly should have permissions
based on what you supplied. I would change the owner of the key and
cert file to the same user you're running exim under restart the daemon
and you should be good.