Re: [exim] Problem with tls_certificate and multiple domains

On 16/10/2019 07:58, Heiko Schlittermann via Exim-users wrote: > Heiko Schlittermann via Exim-users (Mi 16 Okt 2019 > 06:48:25 CEST): >> TLS_DOMAIN = ${if def:tls_in_sni {${lc:tls_in_sni}}{example.com}} >> >> tls_certificate = /etc/exim/private/certs/TLS_DOMAIN/cert.pem >>

Re: [exim] Problem with tls_certificate and multiple domains

On Wed, Oct 16, 2019 at 04:05:51PM -0400, Viktor Dukhovni via Exim-users wrote: > > On Oct 16, 2019, at 3:41 PM, Evgeniy Berdnikov via Exim-users > > wrote: > > > >> So, how do I configure exim so mail can still be accessed via tls and an > >> account can be created without any complaints

Re: [exim] Problem with tls_certificate and multiple domains

On 17/10/2019 08:48, DavidF via Exim-users wrote: > Why is $tls_in_sni empty in my setup? May I suggest that you use the debug facilities that Exim provides? -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ##

Re: [exim] Problem with tls_certificate and multiple domains

Ok, so if I do: openssl s_client -tls1 -starttls smtp -connect hosteddomain.com:587 -servername mail.hosteddomain.com My hosts cPanel install with Exim returns my hosteddomain.com certificate. From the exim.conf, I see: tls_certificate = ${if and \ { \ {gt{$tls_in_sni}{}} \

Re: [exim] Problem with tls_certificate and multiple domains

> On Oct 16, 2019, at 3:41 PM, Evgeniy Berdnikov via Exim-users > wrote: > >> So, how do I configure exim so mail can still be accessed via tls and an >> account can be created without any complaints about certificates from Apple >> Mail? > > It sounds as problem is in your Mac Mail, because

Re: [exim] Problem with tls_certificate and multiple domains

On Thu, Oct 17, 2019 at 10:39:18AM +0200, Cyborg via Exim-users wrote: > EHLO mail.example.com > 250-mail.server.de Hello muedsl-82-207-210-124.citykom.de [82.207.210.124] > ... > STARTTLS > 220 TLS go ahead > > There is no way to figure out what to write in the 220 greeting, except > you have

Re: [exim] Problem with tls_certificate and multiple domains

Am 17.10.19 um 00:17 schrieb Viktor Dukhovni via Exim-users: > >> You will never know what to provide, as the servername is part of the >> initial greeting HELO. Your setup will fail every time, because it's too >> late when you find out what to use. See below why . > This is false, neither the

Re: [exim] Problem with tls_certificate and multiple domains

On Thursday, 17 October 2019 9:17:04 AM AEDT Viktor Dukhovni via Exim-users wrote: > On Wed, Oct 16, 2019 at 10:04:16PM +0200, Cyborg via Exim-users wrote: > > Am 16.10.19 um 19:25 schrieb Nospam2k via Exim-users: > > > I want to use > > > mail.hosteddomainone.com for

Re: [exim] Problem with tls_certificate and multiple domains

On Wed, Oct 16, 2019 at 10:04:16PM +0200, Cyborg via Exim-users wrote: > Am 16.10.19 um 19:25 schrieb Nospam2k via Exim-users: > > > I want to use > > mail.hosteddomainone.com for the mail > > server names and not maindomain.com for > > the

Re: [exim] Problem with tls_certificate and multiple domains

Am 16.10.19 um 19:25 schrieb Nospam2k via Exim-users: > Ok, so. In order to simplify. Let’s say I have several domains being hosted > by a server called maindomain.com providing > dovecot/exim as the mail servers. I want to be able to use each domain name > as the name

Re: [exim] Problem with tls_certificate and multiple domains

Nospam2k via Exim-users (Mi 16 Okt 2019 19:25:05 CEST): > Ok, so. In order to simplify. Let’s say I have several domains being hosted > by a server called maindomain.com providing > dovecot/exim as the mail servers. I want to be able to use each domain name > as the

Re: [exim] Problem with tls_certificate and multiple domains

On Wed, Oct 16, 2019 at 10:25:05AM -0700, Nospam2k via Exim-users wrote: > When I use Mac Mail and try to create an account, I get a “Mail cannot verify > the identity of the server” because the certificate is for maindomain.com > (I’m not sure why that is even being

Re: [exim] Problem with tls_certificate and multiple domains

Ok, so. In order to simplify. Let’s say I have several domains being hosted by a server called maindomain.com providing dovecot/exim as the mail servers. I want to be able to use each domain name as the name of the mail server, ex. for host myhosteddomainone.com

Re: [exim] Problem with tls_certificate and multiple domains

Am 16.10.19 um 17:13 schrieb Mike Tubby via Exim-users: > All of my users connect to post.thorcom.com as their server (outgoing > SMTP; or incoming IMAP) and neither Exim or Dovecot needs SNI or > handle multiple certificates. > > I think Nospam2k is making it too complex? > > > Mike Yes, I

Re: [exim] Problem with tls_certificate and multiple domains

On 16/10/2019 08:29, Cyborg via Exim-users wrote: Nospam2k (Mi 16 Okt 2019 08:05:05 CEST): Perhaps I should go about this a different way. I am going to be hosting multiple domains. Since it seems that $tls_in_sni is returning blank and/or can be unreliable, what is the best way to handle

[exim] Problem with tls_certificate and multiple domains

I needed to add that this is in the main body of exim.conf. This is during the setup of the email account using the domain appropriate for the account so that each “mail server” is the domain of the user. After many hours of troubleshooting, I cannot figure out how to correctly setup

[exim] Problem with tls_certificate and multiple domains

After many hours of troubleshooting, I cannot figure out how to correctly setup tls_certificate for multiple domains. I’m using CentOS 7.7 and Exim 4.92. I have only one exim.conf file. I have in the main body: tls_certificate = /etc/exim/private/certs/${lc:${domain:$h_from:}}/cert.pem

Re: [exim] Problem with tls_certificate and multiple domains

On 16 October 2019 6:29:29 pm AEDT, Cyborg via Exim-users wrote: > >Nospam2k (Mi 16 Okt 2019 08:05:05 CEST): >>> Perhaps I should go about this a different way. I am going to be >hosting multiple domains. Since it seems that $tls_in_sni is returning >blank and/or can be unreliable, what is

Re: [exim] Problem with tls_certificate and multiple domains

Nospam2k (Mi 16 Okt 2019 08:05:05 CEST): >> Perhaps I should go about this a different way. I am going to be hosting >> multiple domains. Since it seems that $tls_in_sni is returning blank and/or >> can be unreliable, what is the best way to handle things? To just use a >> default domain for

Re: [exim] Problem with tls_certificate and multiple domains

Please, use the list for communication, others may be interested in this too. Nospam2k (Mi 16 Okt 2019 08:05:05 CEST): > Perhaps I should go about this a different way. I am going to be hosting > multiple domains. Since it seems that $tls_in_sni is returning blank and/or > can be unreliable,

Re: [exim] Problem with tls_certificate and multiple domains

Heiko Schlittermann via Exim-users (Mi 16 Okt 2019 06:48:25 CEST): > TLS_DOMAIN = ${if def:tls_in_sni {${lc:tls_in_sni}}{example.com}} > > tls_certificate = /etc/exim/private/certs/TLS_DOMAIN/cert.pem > tls_privatekey = /etc/exim/private/certs/TLS_DOMAIN/privkey.pem > > You need a

Re: [exim] Problem with tls_certificate and multiple domains

Hi, 1st: please send your questions to exim-users@exim.org (not to the *-owner address). Nospam2k (Mi 16 Okt 2019 01:58:42 CEST): > After many hours of troubleshooting, I cannot figure out how to correctly > setup tls_certificate for multiple domains. I’m using CentOS 7.7 and Exim > 4.92. I