How to create a new self-signed /etc/exim.cert and /etc/exim.key


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » Email » Exim

How to create a new self-signed /etc/exim.cert and /etc/exim.keyLast Modified: Jul 17, 2011, 11:24 pm
If you need to generate a new exim.cert and exim.key files, run:

/usr/bin/openssl req -x509 -newkey rsa:1024 -keyout /etc/exim.key -out /etc/exim.cert -days 9000 -nodes

and answer all questions with information you want the certificate to have.  Once done, continue by typing:

chown mail:mail /etc/exim.key
chmod 644 /etc/exim.key
chmod 644 /etc/exim.cert
/etc/init.d/exim restart

Related error message in the /var/log/exim/mainlog:

(SSL_CTX_use_PrivateKey_file file=/etc/exim.key): error:0200100D:system library:fopen:Permission denied

Note that the /etc/proftpd.conf uses them as well, hence the need for 644 on the key.
 
Related Helpfiles
I'm not getting email from gmail

2003 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST