Dear list I try to set tls_certificate and tls_privatekey in remote smtp transport in order to instruct exim to present a client certificate on a connection made to another server. I get an error saying:
2018-06-01 00:22:34 1fOVxp-0005XP-S0 TLS error on connection to ts6.checktls.com [104.131.23.181] (cert/key setup: cert=/etc/ssl/letsencrypt/ente.limmat.ch/fullchain.pem key=/etc/ssl/letsencrypt/ente.limmat.ch/privkey.pem): Error while reading file. This error is rather clear but I am still unable to resolve the problem. I tried as user Debian-exim to cat both files which worked. I tried to reference a copy in /etc/exim4 which made the error go away, but remote servers do not get to see my client cert – at least this is what checktls.com Test Sender TLS reports: [...] ====tls negotiation successful (cypher: AES128-GCM-SHA256) client cert: Subject Name: undefined Issuer Name: undefined ~~> EHLO ente.limmat.ch [...] Since I use the same certificate and private key file for exim as a server and that works well, I do not think the files do have a problem (they are in fact symbolic links pointing to the latest fullchain-XXX.pem and privatekey-XXX.pem files). This is Exim 4.84 from Devuan Jessie. What am I missing? Thank you for your help. Best regards, Adrian Zaugg. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
