Re: [exim] setting up purchased SSL certificates on existing…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Diego Bellini
Datum:  
To: Exim-users@exim.org
Betreff: Re: [exim] setting up purchased SSL certificates on existing system
Hi,
If you bought a proper SSL certificate and the issuer gave you an intermediate certificate, you need to concatenate the certificate with the intermediate certificate
Something like this

cat domain.org.crt intermediate.crt > domain.org.chained.crt

you need to use domain.org.chained.crt as "tls_certificate"

note that if you do
"cat intermediate.crt domain.org.crt > domain.org.chained.crt"

This won't work

Kind regards,

Diego Bellini

________________________________
From: Exim-users [mailto:exim-users-bounces+diego.bellini=exponential-e.com@exim.org] On Behalf Of Gary Stainburn via Exim-users
Sent: 30 April 2018 14:59
To: exim-users@???
Subject: [exim] setting up purchased SSL certificates on existing system

This has to be so simple but I can't get my head round it.

I have an existing Cento 7 / Exim server running which I set up some time ago
using self generated certificates.

I have now purchased (through 123-reg) a SSL certificate and I am trying to
install it on the server.

However, copious Google searches all seem to be bringing up the same few
articles, most of which are for specific platforms, e.g. those with cPanel
installed.

Most of these articles discuss a certificate and key pair, and most refer to
the self generation process mentioned above. My exim.conf has the following
lines:

#tls_certificate = /etc/ssl/mail.ringways.co.uk.crt
#tls_privatekey = /etc/ssl/mail.ringways.co.uk.key

tls_certificate = /etc/pki/tls/certs/exim.pem
tls_privatekey = /etc/pki/tls/private/exim.pem

I seem to remember making these changes when I first set up the server using
articles similar to the ones I've just found.

My problem is that from my SSL certificate purchase I have an "Intermediate
Certificate" and a 'SSL Certificate'. The second of which is apparently
formatted for web software including Apache. I did not receive any key files.

Could someone please point me to (easy to understand) instructions on how to
install my new certificate onto Exim (and Dovecot too if possible)


Gary

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users<https://lists.exim.org/mailman/listinfo/exim-users>
## Exim details at http://www.exim.org/<http://www.exim.org/>
## Please use the Wiki with this list - http://wiki.exim.org/<http://wiki.exim.org/>