* Heiko Schlittermann via Exim-users (exim-users@lists.exim.org) [231017 13:00]: > To be on the safe side: the the permission on the *whole* path (e.g. > using `namei -l …`), the cert and key file must be readable by the Exim > runtime user or group. If you use the cert as a client (during > transport), beware that normally Exim doesn't initialize the > supplementary groups, (see transport option `init_groups`).
What's the recommended way to setup the certificates? Adding initgroup to the smtp transport (and adding the main exim user, e.g. Debian-exim to the group granting access, e.g. ssl-cert)? Or add a group-setting to those transports? Andi -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## exim-users-unsubscr...@lists.exim.org ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
