Hello,

I am configuring Exim with a number of domains to use SNI certificates. I have domains which use Let's Encrypt and commercial SSL certificates. The certificates and keys are as follows:

For the domain foo.com with user foouser :

    Let's Encrypt SSL certificate = /etc/letsencrypt/live/foo.com/fullchain.pem
    Let's Encrypt SSL key  = /etc/letsencrypt/live/foo.com/privkey.pem
    Commercial SSL certificate = /var/panel/userdata/foouser/ssl/foo.com-combined.pem
    Commercial SSL key file = /var/panel/userdata/foouser/ssl/foo.com-key.pem

So now I have the following configuration in exim.conf. I think it won't work because of the "*" inside the condition. Can anyone help with this? Is it OK to use a Perl subroutine instead of the following?

--------- Exim.conf  start ------------

tls_certificate = ${if and \
    { \
        {gt{$tls_in_sni}{}} \
        {!match{$tls_in_sni}{/}} \
    } \
    { \
      ${if exists {/etc/letsencrypt/live/${tls_in_sni}/fullchain.pem} \
        {/etc/letsencrypt/live/${tls_in_sni}/fullchain.pem} \
      } \
      ${if exists {/var/panel/userdata/*/ssl/${tls_in_sni}-combined.pem} \
        {/var/panel/userdata/*/ssl/${tls_in_sni}-combined.pem} \
      }\
    } \
    {/etc/exim/exim.crt.pem} \
}
tls_privatekey = ${if and \
    { \
        {gt{$tls_in_sni}{}} \
        {!match{$tls_in_sni}{/}} \
    } \
    { \
      ${if exists {/etc/letsencrypt/live/${tls_in_sni}/privkey.pem} \
        {/etc/letsencrypt/live/${tls_in_sni}/privkey.pem} \
      }\
      ${if exists {/var/panel/userdata/*/ssl/${tls_in_sni}-key.pem} \
        {/var/panel/userdata/*/ssl/${tls_in_sni}-key.pem} \
      }\
    } \
    {/etc/exim/exim.key.pem} \
}

--------- Exim.conf end ---------------

Any help will be appreciated.

--
Regards
Sherin A
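
An added example, not part of the original post and not Exim's own code: a Python script that resolves the per-user wildcard on disk ahead of time, using the directory layout from the post, and writes `hostname: path` lines of the kind Exim's `lsearch` lookup reads. The function names, the output files and the refusal to guess when one domain appears under two users are assumptions of this example.

```python
import glob
import os
import re

# Conservative hostname syntax, so a name can never contain "/" or "..".
HOSTNAME_RE = re.compile(r"([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
SUFFIX = "-combined.pem"

def build_sni_map(le_root, panel_root):
    """Return {hostname: (cert_path, key_path)} for every complete pair on disk."""
    sni_map = {}
    # Commercial certificates: <panel_root>/<user>/ssl/<domain>-combined.pem
    for cert in sorted(glob.glob(os.path.join(panel_root, "*", "ssl", "*" + SUFFIX))):
        host = os.path.basename(cert)[: -len(SUFFIX)].lower()
        key = cert[: -len(SUFFIX)] + "-key.pem"
        if not HOSTNAME_RE.fullmatch(host) or not os.path.isfile(key):
            continue  # skip odd names and certificates without a key
        if host in sni_map:
            # Same domain under two users: the wildcard is ambiguous, do not guess.
            raise ValueError(f"duplicate certificate for {host}: {cert}")
        sni_map[host] = (cert, key)
    # Let's Encrypt is checked first in the post, so it takes precedence here.
    for cert in sorted(glob.glob(os.path.join(le_root, "*", "fullchain.pem"))):
        live_dir = os.path.dirname(cert)
        host = os.path.basename(live_dir).lower()
        key = os.path.join(live_dir, "privkey.pem")
        if HOSTNAME_RE.fullmatch(host) and os.path.isfile(key):
            sni_map[host] = (cert, key)
    return sni_map

def write_lsearch(sni_map, index, out_path):
    """Write 'hostname: path' lines (index 0 = certificate, 1 = key) atomically."""
    tmp = out_path + ".tmp"
    with open(tmp, "w") as fh:
        for host in sorted(sni_map):
            fh.write(f"{host}: {sni_map[host][index]}\n")
    os.replace(tmp, out_path)  # readers never see a half-written file

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as root:  # constructed sample tree
        for rel in ("le/foo.com/fullchain.pem", "le/foo.com/privkey.pem",
                    "panel/baruser/ssl/bar.org-combined.pem",
                    "panel/baruser/ssl/bar.org-key.pem"):
            os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
            open(os.path.join(root, rel), "w").close()
        for host, pair in build_sni_map(f"{root}/le", f"{root}/panel").items():
            print(host, *pair)
```

Because only names that exist on disk and pass the hostname check end up in the files, the client-supplied SNI value is used purely as a lookup key and never spliced into a filesystem path.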

