Hi Anton On Freitag, 7. Januar 2022 18:08:12 CET Anton via Exim-users wrote: > On 07-01-22 17:23, Michael Naef via Exim-users wrote: > > Hi everyone > > > > I'm testing to offer a TLS client Cert when Exim acts as an SMTP client to > > a remote MTA. > > hi Michael, > > try to add "initgroups = true" to transport?
Bingo! As the documentation says: https://www.exim.org/exim-html-current/doc/html/ spec_html/ch-generic_options_for_routers.html "If the router queues an address for a transport, and this option is true, and the uid supplied by the router is not overridden by the transport, the initgroups() function is called when running the transport to ensure that any additional groups associated with the uid are set up. See also group and user and the discussion in chapter 23. " --> "...to ensure that any additional groups associated with the uid are set up" This exactly what's missed: now the additional group 'ssl' to which 'mailnull', the exim_user, belongs to in my set-up is applied to the process and the certificate is readable. Thanks for the pointer! Michael
signature.asc
Description: This is a digitally signed message part.
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
