Configuring SSL On Exim/Dovecot

I ran into a ton of problems recently trying to configure SSL on my server’s Exim/Dovecot services.

To solve them, I relied on the excellent¬†CheckTLS.com¬†to give me detailed information about how my server’s security was failing. I probably wouldn’t have been able to troubleshoot my particular problems without this.

In my case, it turned out to be problems with the intermediate certificate. I tried a number of ways to fix this before stumbling upon an answer that I never would have guessed. I kept grabbing the intermediate certificate from my CA, but no matter what I tried it would not authenticate.

I was able to get it to work, however, by copying the content of the CA cert into the exim.cert file using:


$ echo '' >> /etc/exim.cert
$ cat /etc/exim.cacert >> /etc/exim.cert