Add to Favourites Add to Favourites    Print this Article Print this Article

How to create a new self-signed /etc/exim.cert and /etc/exim.key

If you need to generate a new exim.cert and exim.key files, run:

/usr/bin/openssl req -x509 -sha256 -days 9000 -nodes -newkey rsa:4096 -keyout /etc/exim.key -out /etc/exim.cert

and answer all questions with information you want the certificate to have.  Once done, continue by typing:

chown mail:mail /etc/exim.key
chmod 644 /etc/exim.key
chmod 644 /etc/exim.cert
/etc/init.d/exim restart

Related error message in the /var/log/exim/mainlog:

(SSL_CTX_use_PrivateKey_file file=/etc/exim.key): error:0200100D:system library:fopen:Permission denied

Note that the /etc/proftpd.conf uses them as well, hence the need for 644 on the key.

Was this answer helpful?

Also Read