Re: [exim] Best way tls_certificate select

Sławomir Dworaczek Sun, 21 Jan 2018 02:43:50 -0800

Thats Works !
Thanks Arkadiusz !

key.${lc:${tls_sni}}.pem = key.mail.domain.com.pem


One more question, I want to force sslv3 encryption but I have a bug

tls_require_ciphers invalid: 
gnutls_priority_init(ALL:!ADH:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:!SSLv3) failed at 
offset 0, "ALL:!ADH.." failed: The request is invalid.

Regards 
Slawek

----- Original Message ----- 
From: Sławek 
To: [email protected] 
Sent: Saturday, January 20, 2018 10:22 PM
Subject: RE: Best way tls_certificate select


letsebcrypt creates directory structure:
/etc/letsencrypt/live/mail.domain.com/ for one domain and
/etc/letsencrypt/live/mail.domain2.com for secound domain 
this directories contains files: fulchain.pem and privkey.pem
This files is symlink from 
/etc/letsencrypt/atchive/mail.domain.com/fulchain1.pem
bacause if renew cert. Files in archive directory store as ...2 


that's why it wants a variable to the set directory, not a file, unless you 
create a symlink ?



If symlink name cert.mail.domain.com.pem
you variable is ok ? 


cert.${lc:${tls_sni}}.pem






Regards






Pozdrawiam
Sławomir Dworaczek


--------------------------------------------------------------------------------


<br><br>-------- Oryginalna wiadomość --------<br>Od: Sławek 
&lt;[email protected]&gt; <br>Data: 20.01.2018  21:23  (GMT+01:00) <br>Do: 
Sławek &lt;[email protected]&gt;, [email protected] <br>Temat: RE: Best 
way tls_certificate select <br><br>


--------------------------------------------------------------------------------


Ok i understand this variable cert.${lc:${tls_sni}}.pem = 
cert.mail.domain.com.pem yes ?
 via tls_sni not based on the directory?




Regards

Sławomir Dworaczek


--------------------------------------------------------------------------------



    
Ok i understand this variable cert.${lc:${tls_sni}}.pem = 
cert.mail.domain.com.pem yes ? via tls_sni not based on the directory?

Regards
Sławomir Dworaczek
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Best way tls_certificate select

Reply via email to