2

I can't figure out how to make exim 4.82 recognise variable ${tls_sni} in tls_certificate section.

I'm trying to make exim use per-domain certificates, but I'm getting an error

expansion of tls_certificate failed: unknown variable in "${tls_sni}"

Here is a part of my conf file

tls_certificate = ${if exists{CONFDIR/ssl/cert.${tls_sni}}{CONFDIR/ssl/cert.${tls_sni}}{CONFDIR/ssl/exim.cert}}
tls_privatekey = ${if exists{CONFDIR/ssl/key.${tls_sni}}{CONFDIR/ssl/key.${tls_sni}}{CONFDIR/ssl/exim.key}}

Section log_selector +tls_sni is logging incoming SNI values during tls/ssl session.

I have also tried to use variable ${tls_in_sni} with the same result.

Thanks in advance for any help.

David Foerster
  • 35,754
  • 55
  • 92
  • 145
Aleksey
  • 21
  • 3
  • Apparently there's [a bug report](https://bugs.exim.org/show_bug.cgi?id=1499) on this issue, which states that the issue is resolved in version 4.83. – David Foerster Jul 22 '16 at 18:07
  • Was this problem fixed? Would someone mind sharing a working conf that allows me to dynamically match multiple ssl certs to exim4 virtual mail domains? – paj Apr 14 '20 at 19:41

1 Answers1

0

Unfortunately, it seems there is a bug in Exim 4.82 compiled against GnuTLS:

http://comments.gmane.org/gmane.mail.exim.devel/7292

whbogado
  • 126
  • 3