Re: [exim] Exim 4.87 reports no server certificate but appea…

Góra strony
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
Dla: exim-users
Temat: Re: [exim] Exim 4.87 reports no server certificate but appears to work?
Mike Tubby <mike@???> (Do 07 Apr 2016 01:31:33 CEST):
> Anyone else seeing this with Exim 4.87?
>
>     Warning: No server certificate defined; TLS connections will fail.

>
> during "make install" and in panic log, while having a self-signed
> certificate defined (same config as Exim-4.86) and yet TLS appears to work?
>
>
> During "make install":
>
> >>> exim binary built
> make[1]: Leaving directory `/home/mike/exim-4.87/build-Linux-i386'
> Installation directory is /usr/local/bin
>
> 2016-04-07 00:16:35 Warning: No server certificate defined; TLS connections
> will fail.
> Suggested action: either install a certificate or change
> tls_advertise_hosts option
> cp exim /usr/local/bin/exim-4.87-3
> /bin/chown root /usr/local/bin/exim-4.87-3


That warning probably is caused by the scripts/exim_install script.
Around line 220 the built Exim is called with -bV -C /dev/null.

While we suppress warnings in the test/check modes (-bt, -bv, …), we do
not suppress warnings for -bV, since this is used for verification
purposes of your configuration. And while /dev/null is a valid
configuration, it's triggering that warning.

(And I even think, that the warning about keep_environment should
appear … )


> ...
>
>
> During start-up:
> root@relay1:~/exim-4.87# service exim start
> * Starting Exim MTA [ OK ]
> Warning: Exim paniclog has non-zero size, mail system possibly broken
> root@relay1:~/exim-4.87# cat /var/log/exim/paniclog
> 2016-04-07 00:16:35 Warning: No server certificate defined; TLS connections
> will fail.
> Suggested action: either install a certificate or change
> tls_advertise_hosts option


Yes, that's the warning from the installation step, it went into your
paniclog (compare the timestamps: 00:16:35).

If you - after the installation - call exim -bV, no warning should
appear anymore.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -