Gary Stainburn via Exim-users <exim-users@???> (Mo 30 Apr 2018 15:58:52 CEST):
> I have now purchased (through 123-reg) a SSL certificate and I am trying to
> install it on the server.
>
> However, copious Google searches all seem to be bringing up the same few
> articles, most of which are for specific platforms, e.g. those with cPanel
> installed.
>
> tls_certificate = /etc/pki/tls/certs/exim.pem
> tls_privatekey = /etc/pki/tls/private/exim.pem
…
> My problem is that from my SSL certificate purchase I have an "Intermediate
> Certificate" and a 'SSL Certificate'. The second of which is apparently
> formatted for web software including Apache. I did not receive any key files.
The intermediate cert(s) are probably in PEM format as the certificate
you bought.
You can concat all files
cat CERT-PEM BUNDLE-PEM KEY-PEM > DIR/ssl.pem
And configure Exim using the same file for everything:
tls_certificate = DIR/ssl.pem
# tls_privatekey =
Of cause, replace CERT-PEM, BUNDLE-PEM, KEY-PEM, and DIR with the approbiate names
Any text (as output from some certificate authorities) doesn't matter,
als long as the lines between
------- BEGIN whatever -------
<base64 encoded whatever>
------- END whatever ------
are left intact.
Keep care to "unprotect" your key:
openssl rsa -in KEY-PEM -out KEY-PEM
Or just combine everything:
cat CERT-PEM BUNDLE-PEM <(openssl rsa -in KEY-PEM) > DIR/ssl.pem
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
