Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Add mail group to ssl files #1221
ssl files in user home dir are set to root:root, this causes the error when you try to use them with exim4 or dovecot:
for exim4 and dovecot you only need *.pem and *.key file. so im changing this file owners from root:root to root:mail.
if you manually change the permissions there will be set back again on next letsencrypt update, or custom ssl update.
yeah you are right, they dont read out of the box, but a lot of users including me uses the Generated LetsEncrypt Certificates for EXIM, DOVECOT and VESTA. this change doesnt broke anything but avoid a huge problem when letsnecrypt renew certs every certain time, because if cert is unreadable exim and dovecot stop working.
Again this change does not broke anything im using it in 4 production servers, avoiding this way the use of a daily cron check for set this permissions.
This is not related to the DKIM key error.
he, @serghey-rodin im using that two files with root:mail permissions in 5 production servers(Debian based), and everything is OK, so i think just changing the permissions after the certificate generations is a quick solution for this.
Because every time letsencrypt renew the certificates exim4 gets broken. and you cannot send mail. ( if you configure exim4 to use the certificates of course).