> Am 24.05.2022 um 22:12 schrieb Jeremy Harris via Exim-users > <[email protected]>: > > https://www.postgresql.org/docs/9.1/libpq-ssl.html > <https://www.postgresql.org/docs/9.1/libpq-ssl.html> says it'll > send ~/.postgresql/postgresql.crt - and that is obviously > going to be a problem for a client that is dancing around different > user identities. > > https://www.postgresql.org/docs/9.5/libpq-envars.html > <https://www.postgresql.org/docs/9.5/libpq-envars.html> > lists PGSSLCERT and PGSSLKEY which look plausible as a way of > telling it specifically where to look. > So you just need to run with those set up in exim's environment. > Have a look at the "add_environment" min config option.
Thanks for pointing this out, A client cert is bound to a user (both client and db user). Doing this as root has too many implications and is not feasible. Its easier run exim w/o setuid root on the incoming and outgoing relays. Axel --- PGP-Key: CDE74120 ☀ computing @ chaos claudius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
