On Fri, Jun 10, 2022 at 03:19:30PM -0600, Elliot Finley via Exim-users wrote: > I've been trying to get exim4 up and running on Ubuntu 20.04. [...] > But the problem is, it doesn't appear that CONFDIR is being honored. Later
> in the config file there is:
>
> .ifndef MAIN_TLS_CERTIFICATE
> MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
> .endif
> tls_certificate = MAIN_TLS_CERTIFICATE
>
> .ifndef MAIN_TLS_PRIVATEKEY
> MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key
> .endif
> tls_privatekey = MAIN_TLS_PRIVATEKEY
> .endif
>
> But those are NOT being defined.
>
> # exim -bP | grep tls
> tls_advertise_hosts = *
> tls_certificate =
Those definitions are skipped because this part of config is inside
".ifdef MAIN_TLS_ENABLE [...] .endif" block, and variable MAIN_TLS_ENABLE
is NOT enabled by default.
In supplemented docs /usr/share/doc/exim4-base/README.Debian.gz there is
par. 2.2.2, "TLS support for Exim as server":
One can also get a certificate from a CA and install the key in
/etc/exim4/exim.key and the certificate in /etc/exim4/exim.crt.
To enable use of the installed certificates set the macro
MAIN_TLS_ENABLE in a local configuration file as described in
Section 2.1.3, "Using Exim Macros to control the configuration".
--
Eugene Berdnikov