Luxury Car Rental Dubai<https://carrentaldxb.com>
On 2022-01-07 16:23, Michael Naef wrote: > Hi everyone > > I'm testing to offer a TLS client Cert when Exim acts as an SMTP client to a > remote MTA. > > However exim is unable to read the private key unless I make it world readable > (Which I obviously dont't want to do): > > 2022-01-07 17:12:07 1n5rcx-0008mU-OP == a@??? R=dnslookup T=remote_smtp > defer (-37) H=my.tld [1.2.3.4]:25: TLS session: (SSL_CTX_use_PrivateKey_file > file=/usr/[..]/privkey4.pem): error:0200100D:system library:fopen:Permission > denied > > As what user is exim reading the TLS private key when it is acting as a TLS > client and configured to offe ar client cert? I couldn't find and figure it > out in the documentation... Is it fri(y)day-blindness? ;) > > > > [root@atlantis ~]# id mailnull > id=26(mailnull) gid=26(mailnull) groups=26(mailnull),3009(ssl) > > [root@atlantis ~]# ls -l /usr/[..]/privkey4.pem > -rw-r----- 1 root ssl 1704 Oct 28 11:44 /usr/[..]/privkey4.pem > > [root@atlantis ~]# sudo -u mailnull head -1 /usr/local/etc/letsencrypt/ > archive/atlantis.aeolus.ch/privkey4.pem > -----BEGIN PRIVATE KEY----- > > > Thanks for other eyes what my mistake could be... > > > Best Rregards, Michael > > > > Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
