expose TLS certificate and private key paths separately

To avoid assuming the file names under a directory.
author: System administrator 2020-12-01 11:45:03 +0100
committer: System administrator 2020-12-01 11:45:03 +0100
commit: bb4117f666ed9f996eaae33d125f52ef45ed6349 (patch)
tree: e0a7de2ec31a6c23582db5027dae331386b0a4d3
parent: a7d33265b2aa39f2ea8559b1bfffbe060ef9dc65 (diff)
download: exim-bb4117f666ed9f996eaae33d125f52ef45ed6349.tar.gz
2 files changed, 5 insertions, 4 deletions
diff --git a/conf.d/010_main.conf b/conf.d/010_main.conf
index b04e9f5..3162f62 100644
--- a/conf.d/010_main.conf
+++ b/conf.d/010_main.conf
@@ -56,8 +56,8 @@ tls_advertise_hosts = *
 # need the first setting, or in separate files, in which case you need both
 # options.
-tls_certificate = CERTDIR/$primary_hostname.crt
+tls_certificate = TLS_CERTIFICATE_FILE
-tls_privatekey = CERTDIR/$primary_hostname.pem
+tls_privatekey = TLS_PRIVATE_KEY_FILE
 # In order to support roaming users who wish to send email from anywhere,
 # you may want to make Exim listen on other ports as well as port 25, in
diff --git a/exim.conf b/exim.conf
index 678be1e..3558007 100644
--- a/exim.conf
+++ b/exim.conf
@@ -37,10 +37,11 @@
 CONFDIR = /etc/exim
-CERTDIR = /etc/mail/ssl
 DKIMDIR = /etc/mail/dkim
+TLS_CERTIFICATE_FILE = /etc/keyring/exim.crt
+TLS_PRIVATE_KEY_FILE = /etc/keyring/exim.pem
 USERLIST = /etc/mail/list.d/users.list
 #ENABLE_PAM_AUTH = yes
 #DOVECOT_AUTH_SOCKET = /var/run/dovecot/auth-client
author	System administrator	2020-12-01 11:45:03 +0100
committer	System administrator	2020-12-01 11:45:03 +0100
commit	bb4117f666ed9f996eaae33d125f52ef45ed6349 (patch)
tree	e0a7de2ec31a6c23582db5027dae331386b0a4d3
parent	a7d33265b2aa39f2ea8559b1bfffbe060ef9dc65 (diff)
download	exim-bb4117f666ed9f996eaae33d125f52ef45ed6349.tar.gz