Per-IP ssl certificates for exim


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » Email » Exim

Per-IP ssl certificates for eximLast Modified: Aug 28, 2011, 9:01 pm
This has not been tested, but seems straight forward enough.
If you require certificates for each IP being used, this is the related exim.conf code:

tls_verify_certificates = /etc/exim/$received_ip_address.cacert
tls_certificate = /etc/exim/$received_ip_address.cert
tls_privatekey = /etc/exim/$received_ip_address.key

where the $received_ip_address is an exim variable filled with the IP that the connection came in on.

It's likely that the files must exist, so you must have a cert/key pair for each IP, but the easiest way to deal with that would be to use symbolic links for all IPs... or just have an exim check to see if the path exists.. and if not, revert to the defaults.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST