Re: [exim] Can't read SSL key/cert, how to debug?

Top Page
Delete this message
Reply to this message
Author: Klaus Ethgen
Date:  
To: exim-users
Subject: Re: [exim] Can't read SSL key/cert, how to debug?
Hi,

Am Mo den 22. Dez 2014 um 12:12 schrieb Yves Goergen:
> > Then, check permissions. In my nearest host with Ubuntu-12.04.5
> > the /etc/ssl/private directory can be read by root only.
> > Are use sure the MAIN_HOST file is readable for Exim?
>
> Yes, I am sure.


But from all you described, that is the source of that problem.

The exim daemon has to be able to read the key there. So
/etc/ssl/private has to be at least searchable by exim daemon. (Making
it 711 does not realy do some harm.) and the key has to be readable by
root and exim daemon only but the last must be able to do so.

My rights look like:
   drwx--x--x 2 root root        4,0K Okt 30 21:41 .
   drwxr-xr-x 4 root root          50 Okt 17 09:22 ..
   [...]
   -rw-r----- 1 root Debian-exim 3,2K Apr  8  2014 mail.ethgen.de.key


Regards
   Klaus
- -- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C