Autor: Adrian Datum: To: exim-users Betreff: Re: [exim] Error while reading cert or key file
Heiko Schlittermann wrote >> systemctl restart dovecot
>Why dovecot?
I don't remember why, it was a while ago. Maybe unnecessary. I did
know that exim4 re-reads the file and a restart wasn't needed for it.
The modulos match as root. But I realised it was important to do it as
Debian-exim. I don't have sudo installed but used su -s /bin/bash
Debian-exim. (Thanks for listing the exact commands BTW).
And the error was fairly obvious. I couldn't read the cert file or the
symlink to it.
/etc/letsencrypt and its subdirectories live and archive were group
executable (750), but the group was root. Changing the group to
Debian-exim fixed the problem. The private keys are still (700
root:root) so I trust this hasn't reduced security.