Setting up TLS for Exim

Instructions for setting up TLS support for Exim on Debian Linux. I would imagine that these instructions would work with other distributions of Linux.

These instructions are taken from http://www.exim.org/exim-html-3.20/doc/html/spec_38.html.

Create the directory /etc/exim4/certs.

Run the following command as root.

openssl req -x509 -newkey rsa:1024 -keyout /etc/exim4/certs/certificate -out /etc/exim4/certs/certificate -days 9999 -nodes

Answer the questions prompted by openssl. This creates a self-signed certificate. Both the certificate and the key will be contained within the /etc/exim4/certs/certificate file. For other options, please see the website above from which these instructions were taken.

Add the following three lines to the main section of your Exim config file.

tls_advertise_hosts = *
tls_certificate = /etc/exim4/certs/certificate
tls_privatekey = /etc/exim4/certs/certificate

Restart Exim. You should now be able to connect using TLS. In the exim log files you should see entries like this.

2008-01-28 12:06:13 1JJZJ4-0004iG-0L <= soren@sbtechsolutions.biz H=(host) [10.0.0.1] P=esmtpsa =TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32

Personal tools

Setting up TLS for Exim

Document Actions