Re: [exim] Can't read SSL key/cert, how to debug?

Sat, 20 Dec 2014 12:11:17 -0800 

Am 20.12.2014 um 20:20 schrieb Evgeniy Berdnikov:

  Did you play with ssl/tls options? Did you restrict list of ciphers?


Not that I'm aware of. This is what I have about TLS in my config:


MAIN_HOST    = example.com
tls_advertise_hosts = *
tls_certificate = /etc/ssl/private/MAIN_HOST
tls_privatekey = /etc/ssl/private/MAIN_HOST
tls_on_connect_ports = 465



The file /etc/ssl/private/example.com contains the private key, then the 
host certificate and then all chained certificates. This works for all 
other services using that file (apache, dovecot, proftpd, prosody).


Am 20.12.2014 um 20:20 schrieb Evgeniy Berdnikov:

  Try to run exim with debugging options, -d-all+tls first.



It prints some text and then ends. No port is opened afterwards, so I 
guess it didn't continue in the background or somehwere. Is this expected?



# exim -d-all+tls
Exim version 4.82 uid=0 gid=0 pid=16857 D=8000000
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS 
move_frozen_messages Content_Scanning DKIM Old_Demime
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz 
dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.8.2]
Library version: GnuTLS: Compile: 2.12.23
                         Runtime: 2.12.23
Library version: Cyrus SASL: Compile: 2.1.25
                             Runtime: 2.1.25 [Cyrus SASL]
Library version: PCRE: Compile: 8.31
                       Runtime: 8.31 2012-07-06
Library version: MySQL: Compile: 5.5.35 [(Ubuntu)]
                        Runtime: 5.5.40
Library version: SQLite: Compile: 3.8.2
                         Runtime: 3.8.2
WHITELIST_D_MACROS: "OUTGOING"
TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs"
tls_validate_require_cipher child 16858 ended: status=0x0
configuration file is /etc/exim4/exim4.conf
log selectors = 00000ffc 0023b009
cwd=/root 2 args: exim -d-all+tls
trusted user
admin user
Exim is a Mail Transfer Agent. It is normally called by Mail User Agents,
not directly from a shell command line. Options and/or arguments control
what it does when called. For a list of options, see the Exim documentation.



--
Yves Goergen
http://unclassified.de
http://dev.unclassified.de

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/






















					Reply via email to