Re: [exim] $tls_in_sni is blank

Top Page
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] $tls_in_sni is blank
Am 17.10.19 um 21:41 schrieb Nospam2k via Exim-users:
>
> TLS error on connection from (openssl.client.net) [76.14.5.213]:57315 I=[107.180.239.134]:587 (SSL_CTX_use_certificate_chain_file file=/etc/letsencrypt/live//fullchain.pem): error:0200100D:system library:fopen:*Permission denied*
>


Exim runs as user exim or exim-debian and must have read access to that
file and the entire path down to it

Example:

[root@xXXX ~]# pathdiscover
/etc/httpd/letsencrypt/certs/xXXX.resellerdesktop.de/fullchain.pem

'/etc/httpd/letsencrypt/certs/xXXX.resellerdesktop.de/fullchain.pem'
translates to
'/etc/httpd/letsencrypt/certs/xXXX.resellerdesktop.de/fullchain-1568452431.pem'

  4148 Bytes  root/exim -rw-r----- : fullchain-1568452431.pem ( regular
file )
  4096 Bytes  root/exim drwxr-x--- : xXXX.resellerdesktop.de  ( directory )
  4096 Bytes  root/root drwxr-xr-x : certs                    ( directory )
  4096 Bytes  root/root drwxr-xr-x : letsencrypt              ( directory )
  4096 Bytes  root/root drwxr-xr-x : httpd                    ( directory )
 12288 Bytes  root/root drwxr-xr-x : etc                      ( directory )

best regards,
Marius