exim.crt & key don't exist?

[beddo]

Hi,
I've noticed in my cpup and other that this gets logged:

...chown: /etc/exim.crt: No such file or directory
chown: /etc/exim.key: No such file or directory

Now everything seems to be working with exim so is this a configuration difference with cpanel and exim using different directories hence causing the cpanel error? If so can anyone give me a pointed as to what to change to make them agree?

[chirpy]

The keys have been moved recently with symlinks to them in /etc:

Code:

lrwxrwxrwx    1 mailnull mail           29 Apr  6 10:23 /etc/exim.crt -> /var/cpanel/ssl/exim/exim.crt
lrwxrwxrwx    1 mailnull mail           29 Apr  6 10:23 /etc/exim.key -> /var/cpanel/ssl/exim/exim.key

Running /scripts/eximup --force ought to rectify the issue. If there was a problem, it's only likelt to be with SMTP over TLS (ssmtp)

[serversphere]

The keys have been moved recently with symlinks to them in /etc:

Code:

lrwxrwxrwx    1 mailnull mail           29 Apr  6 10:23 /etc/exim.crt -> /var/cpanel/ssl/exim/exim.crt
lrwxrwxrwx    1 mailnull mail           29 Apr  6 10:23 /etc/exim.key -> /var/cpanel/ssl/exim/exim.key

Running /scripts/eximup --force ought to rectify the issue. If there was a problem, it's only likelt to be with SMTP over TLS (ssmtp)

Any fix for that problem that you know of Jonathan? I have a couple users that like to send over SSL. Key/CRT files in place, links are there, permissions I would think look fine, yet still getting this error:

[qoute]TLS error on connection from [192.168.1.1]:2439 (SSL_CTX_use_certificate_chain_file file=/etc/exim.crt): error:0200100D:system library:fopen:Permission denied[/quote]

Have run /scripts/eximup couple times, restarted exim, courier-imap, cpanel, my lawn mower and jeep. Still no go. (Desperation move with the jeep, I know...)

[cpanelkenneth]

Any fix for that problem that you know of Jonathan? I have a couple users that like to send over SSL. Key/CRT files in place, links are there, permissions I would think look fine, yet still getting this error:

[qoute]TLS error on connection from [192.168.1.1]:2439 (SSL_CTX_use_certificate_chain_file file=/etc/exim.crt): error:0200100D:system library:fopen:Permission denied

Have run /scripts/eximup couple times, restarted exim, courier-imap, cpanel, my lawn mower and jeep. Still no go. (Desperation move with the jeep, I know...) [/QUOTE]

Restarting the lawn mower did it. You shredded the certs

EDIT:

Make certain the files in /var/cpanel/exim are owned by mailnull and mail. Like:

root@mundane [/var/cpanel/ssl/exim]# ls -la
total 16
drwxr-xr-x 2 mailnull mail 4096 May 2 22:14 ./
drwxr-xr-x 6 root root 4096 May 3 23:06 ../
-rw------- 1 mailnull mail 1289 May 2 22:14 exim.crt
-rw------- 1 mailnull mail 887 May 2 22:14 exim.key

For testing, I changed the owner and group to nobody, and received the same error you did.

[serversphere]

Shredded them? Well, at least I know I won't have to sharpen the blade this year!

I am using pop-before smtp. No special set up at all...

Edit:
Hmmm, in /var/cpanel/ssl/exim mine are set root:root, and only root readable. No write. Changing perms to match yours...


Edit2:
And voila.. she is fixed. Thank you kind sir. ( Now I have to do this to all our boxes then really go cut the lawn! lol )

[procam]

I seem to recall there was a problem some time ago with cpanel nightly updates wiping out my /etc/exim.key and /etc/exim.crt and I had a cron job running at 1am every morning to copy both back to the proper place is this still an issue does anyone know cause I just had to put crt in a new box today and I really dont like surprises first thing in the morning....