How to create a new self-signed /etc/exim.cert and /etc/exim.key in DirectAdmin

If you need to generate a new exim.cert and exim.key files, run:

/usr/bin/openssl req -x509 -newkey rsa:1024 -keyout /etc/exim.key -out /etc/exim.cert -days 9000 -nodes

and answer all questions with information you want the certificate to have. Once done, continue by typing:

chown mail:mail /etc/exim.key
chmod 644 /etc/exim.key
chmod 644 /etc/exim.cert
/etc/init.d/exim restart

Related error message in the /var/log/exim/mainlog:

(SSL_CTX_use_PrivateKey_file file=/etc/exim.key): error:0200100D:system library:fopen:Permission denied

Note that the /etc/proftpd.conf uses them as well, hence the need for 644 on the key.

Be the first to comment

Leave a Reply