Gary Stainburn via Exim-users <[email protected]> (Mo 30 Apr 2018 15:58:52 CEST): > I have now purchased (through 123-reg) a SSL certificate and I am trying to > install it on the server. > > However, copious Google searches all seem to be bringing up the same few > articles, most of which are for specific platforms, e.g. those with cPanel > installed. > > tls_certificate = /etc/pki/tls/certs/exim.pem > tls_privatekey = /etc/pki/tls/private/exim.pem
…
> My problem is that from my SSL certificate purchase I have an "Intermediate
> Certificate" and a 'SSL Certificate'. The second of which is apparently
> formatted for web software including Apache. I did not receive any key files.
The intermediate cert(s) are probably in PEM format as the certificate
you bought.
You can concat all files
cat CERT-PEM BUNDLE-PEM KEY-PEM > DIR/ssl.pem
And configure Exim using the same file for everything:
tls_certificate = DIR/ssl.pem
# tls_privatekey =
Of cause, replace CERT-PEM, BUNDLE-PEM, KEY-PEM, and DIR with the approbiate
names
Any text (as output from some certificate authorities) doesn't matter,
als long as the lines between
------- BEGIN whatever -------
<base64 encoded whatever>
------- END whatever ------
are left intact.
Keep care to "unprotect" your key:
openssl rsa -in KEY-PEM -out KEY-PEM
Or just combine everything:
cat CERT-PEM BUNDLE-PEM <(openssl rsa -in KEY-PEM) > DIR/ssl.pem
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
