chiark / gitweb /
~mdw / exim-config / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
config.m4: Present a LetsEncrypt certificate to external clients.
[exim-config] / config.m4
diff --git a/config.m4 b/config.m4
index db6b966df2c9d31b7e325c30020850a55c0014ca..a9b30b891c27fbc1e8b1e0be5827883e1c7787e2 100644 (file)
--- a/config.m4
+++ b/config.m4
@@ -80,7 +80,11 @@ DEFCONF(relay_clients, <m4_dnl
 )
 
 ## TLS certificate list.
-DEFCONF(certlist, CONF_sysconf_dir/server.certlist)
+DEFCONF(certlist,
+<:m4_ifelse(t, m4_ifelse(MODE, hub, nil, MODE, srv, nil, t),
+<:CONF_sysconf_dir/server.certlist:>,
+<:CONF_sysconf_dir/${if match_ip{$sender_host_address}{+trusted} \
+       {server}{letsencrypt}}.certlist:>):>)
 
 ## TLS-related settings.  We're assuming GNUTLS here, rather than OpenSSL.
 ## For local connections we are very strict.  For random clients, we try
The distorted.org.uk Exim configuration.