Howto: Renewing Exim SSL certificate

Posted on Updated on


Renewing exim SSL certificate without using Cpanel or exim scripts,first we have to create the certificate and replace the file with suitable permissions,  follow the below steps to do.

1, Creating Self signed certificate files using Openssl.

root@server09 [~]# openssl req -x509 -newkey rsa:1024 -keyout /root/server.key -out /root/server.crt -days 365 -nodes
Generating a 1024 bit RSA private key
writing new private key to '/root/server.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [GB]:IN
State or Province Name (full name) [Berkshire]:Karnataka
Locality Name (eg, city) [Newbury]:Banglore
Organization Name (eg, company) [My Company Ltd]:Private Ltd
Organizational Unit Name (eg, section) []:JWH
Common Name (eg, your name or your server's hostname) []:server.domain.com
Email Address []:

2, Verify the existing location and filename and replace the files

root@server09 [~]# ll /etc/exim.key /etc/exim.crt
lrwxrwxrwx 1 root root 31 2月 26 2010 /etc/exim.crt -> /var/cpanel/ssl/exim/myexim.crt
lrwxrwxrwx 1 root root 31 2月 26 2010 /etc/exim.key -> /var/cpanel/ssl/exim/myexim.key
mv /var/cpanel/ssl/exim/myexim.crt /var/cpanel/ssl/exim/myexim.crt_30_5_2013
mv /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.key_30_5_2013
mv /root/server.key /var/cpanel/ssl/exim/myexim.key
mv /root/server.crt /var/cpanel/ssl/exim/myexim.crt
chmod 660 /etc/exim.key /etc/exim.crt /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.crt
chown mailnull.mail /etc/exim.key /etc/exim.crt /var/cpanel/ssl/exim/myexim.key /var/cpanel/ssl/exim/myexim.crt

3, Restart exim

root@server09 [~]# service exim restart

Error: exim logged Undefined subroutine &main::user2uid called. LOG: MAIN

Posted on Updated on

EximMy email server was not delivering any of the email from the domains hosted on my Cpanel server, I was  checked the exim log, it shows some ACL (Access Control List)rules from the exim configuration. This will and also I tried to send email manually but the same error will logged. After googling for a minute I found the solution for this.

It is because for exim  unable to read configuration characters. simple solution to fix this just  rebuild configuration onceagain and copy exim.pl to /etc, now everythings looks fine

Exim error :
cwd=/root 4 args: /usr/sbin/exim -i -v testemail@gmail.com
F=<root@darkmatter.dnsprotect.com> rejected by non-SMTP ACL: failed to expand ACL string "${if eq{$originator_uid}{${perl{user2uid}{nobody}}}{1}{0}}": Undefined subroutine &main::user2uid called. LOG: MAIN
cwd=/var/spool/exim 8 args: /usr/sbin/exim -v -t -oem -oi -f <> -E1UY3r2-000

Rebuilding exim configuration:

root@server-web [~]# /scripts/buildeximconf
Configuration file passes test! New configuration file was installed.
/etc/exim.pl.local.build syntax OK
Enabled system filter options: attachments|spam_rewrite
/etc/exim.pl.local installed!
razor2 is not installed, disabling it in SpamAssassin to save memory
pyzor is not installed, disabling it in SpamAssassin to save memory
SPF is disabled in exim or unavailable, enabling SPF for SpamAssassin
Refreshing SMTP Mail protection.

Some it is necessary to copy the exim.pl to /etc, because the script will remove the file while rebuilding. check the file availability before executing this step.

root@server-web [~]# cp -rpf /etc/exim.pl.local /etc/exim.pl

Verify  before restarting exim,

root@server-web [~]# mail -s "Testemail please ignore" "testemail@gmail.com" -- -f "testemail@example.com"
Test email please ignore

Hope this will help you.