neo-hippie
Verified User
I have an issue with my server private key file.
Somehow Exim requires it to be at least readable by group / others so i have it at 644.
But there is a script running somewhere witch changes it randomly back to 600.
And then my Exim stops working (client can't sent email and gets a certificate error).
So my question is twofold, either how to stop a script changing permission.
Or how to make Exim compliant with a non readable private key file.
fyi. i have now manually changed it to 600 (to see the certificate error), and it now works fine.
but i have to randomly change it to 644 to get it working again.
edit: i have reloaded exim and the error occurs.
TLS error on connection from [xx.xx.xx.xx] (SSL_CTX_use_PrivateKey_file file=/etc/ssl/server.key): error:8000000D:system library:: Permission denied
Somehow Exim requires it to be at least readable by group / others so i have it at 644.
But there is a script running somewhere witch changes it randomly back to 600.
And then my Exim stops working (client can't sent email and gets a certificate error).
So my question is twofold, either how to stop a script changing permission.
Or how to make Exim compliant with a non readable private key file.
fyi. i have now manually changed it to 600 (to see the certificate error), and it now works fine.
but i have to randomly change it to 644 to get it working again.
edit: i have reloaded exim and the error occurs.
TLS error on connection from [xx.xx.xx.xx] (SSL_CTX_use_PrivateKey_file file=/etc/ssl/server.key): error:8000000D:system library:: Permission denied
Last edited:
