Re: [exim] Error while reading cert or key file

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMAdrian at <-
.M 
Delete this message
Reply to this message
Author: Adrian
Date:  
To: exim-users
Subject: Re: [exim] Error while reading cert or key file
Heiko Schlittermann wrote
>> systemctl restart dovecot
>Why dovecot?

I don't remember why, it was a while ago. Maybe unnecessary. I did
know that exim4 re-reads the file and a restart wasn't needed for it.

The modulos match as root. But I realised it was important to do it as
Debian-exim. I don't have sudo installed but used su -s /bin/bash
Debian-exim. (Thanks for listing the exact commands BTW).

And the error was fairly obvious. I couldn't read the cert file or the
symlink to it.

/etc/letsencrypt and its subdirectories live and archive were group
executable (750), but the group was root. Changing the group to
Debian-exim fixed the problem. The private keys are still (700
root:root) so I trust this hasn't reduced security.

Thanks Heiko!

Adrian

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Better way to deal with phished users?Re: [exim] Better way to deal with phished users?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)