Re: [exim] The No Certificate Warning and the Right Way to S…

Top Page
Delete this message
Reply to this message
Author: Martin McCormick
Date:  
To: exim-users
Subject: Re: [exim] The No Certificate Warning and the Right Way to Stop it
Jeremy Harris via Exim-users <exim-users@???> writes:
> What ended up in your actual running config after this stage?
> Us non-Deb users don't know what Deb does for you at this stage.
> Also, does it tell the daemon to reload the config just changed?


It stops the daemon and then starts the newly-configured daemon.
That's when I see the first cert warning.

    This is from exim4.conf.template:


#as originally set:
#tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
#I modified it to read
tls_advertise_hosts =

This should have nulled out where tls_advertise_hosts points.



    This next part appears to be set as intended.


# Full paths to Certificate and Private Key. The Private Key file
# must be kept 'secret' and should be owned by root.Debian-exim mode
# 640 (-rw-r-----). exim-gencert takes care of these prerequisites.
# Normally, exim4 looks for certificate and key in different files:
#   MAIN_TLS_CERTIFICATE - path to certificate file,
#                          CONFDIR/exim.crt if unset


and that's where it is.

#   MAIN_TLS_PRIVATEKEY  - path to private key file
#                          CONFDIR/exim.key if unset


Martin McCormick