Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Connected to 127.0.0.1.
Escape character is '^]'.
220 <server> ESMTP Exim 4.69 Fri, 21 Jan 2011 15:33:15 +0000
ehlo test
250-<server> Hello localhost [127.0.0.1]
250-SIZE 52428800
250-PIPELINING
250-STARTTLS
250 HELP
STARTTLS
454 TLS currently unavailable
quit
221 <server> closing connection
when i check in the logs i get this:
2011-01-21 15:33:20 TLS error on connection from localhost (test) [127.0.0.1] (cert/key setup: cert=/etc/exim4/exim.crt key=/etc/exim4/exim.key): Error while reading file.
however for the life of me i cannot find why its saying this.
i've tried exim with tls debug on like so: exim -d+tls
i've tried stracing the process, changing the file permissions so they are workd readable, changing the ownership.
all to no avail and a very hurty head.
does anyone have any idea as to why its saying this or any other ideas i can try to get this working ?
Have you confirmed that the key and cert are valid? "openssl x509 -in exim.crt -nooout -text" should print out the valid cert and "openssl rsa -in exim.key -noout -text" should do the same for the key. Outside of the basic file system / user rights issues that's the only level that really seems to make sense. You might also try removing that key / cert to ensure a problem about finding the files themselves, and check a different error is received etc.
the openssl stuff you gave seemed to indicate that the certificate and keys were fine, so i tried your second suggestion, i renamed the files to something else and it still threw the error, so i was thinking permission problems.
so i did a little more digging...
i altered the Debian-exim user so it had a valid shell then su'ed to that user. i then cd'd in to the /etc/exim4 directory and was given a permission denied message. i checked the permissons on the directory and discovered that the permissions were set wrong. i had:
U: rw-
g: r--
o: ---
i chmodded the dir like so: chmod ug+x ./.
re-tested the user again and i was then let in to the directory ( hazarr! ) after re-naming key and the cert back to what exim was expecting i re-tried telnet and got this:
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 <servername> ESMTP Exim 4.69 Sun, 23 Jan 2011 15:01:36 +0000
ehlo localhost
250-<servername> Hello localhost [127.0.0.1]
250-SIZE 52428800
250-PIPELINING
250-STARTTLS
250 HELP
STARTTLS
220 TLS go ahead
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
