起初,我的configuration为exim tls证书看起来像这样:
tls_certificate = ${if exists{/etc/exim4/ssl/${tls_sni}.crt}{/etc/exim4/ssl/${tls_sni}.crt}{/etc/exim4/ssl/exim.crt}} tls_privatekey = ${if exists{/etc/exim4/ssl/${tls_sni}.key}{/etc/exim4/ssl/${tls_sni}.key}{/etc/exim4/ssl/exim.key}} 它工作。
我试图做一个嵌套的条件:
tls_certificate = ${if exists{/etc/exim4/ipssl/${received_ip_address}.crt}{/etc/exim4/ipssl/${received_ip_address}.crt}{${if exists{/etc/exim4/ssl/${tls_sni}.crt}{/etc/exim4/ssl/${tls_sni}.crt}{/etc/exim4/ssl/exim.crt}}} tls_privatekey = ${if exists{/etc/exim4/ipssl/${received_ip_address}.key}{/etc/exim4/ipssl/${received_ip_address}.key}{${if exists{/etc/exim4/ssl/${tls_sni}.key}{/etc/exim4/ssl/${tls_sni}.key}{/etc/exim4/ssl/exim.key}}}
此configuration通过语法testing(exim -bV),但是在任何客户端连接paniclog中的消息后,服务器立即closurestcp-connection:
2017-08-01 07:14:56 expansion of tls_certificate failed: missing or misplaced { or }
我以为我不能使用嵌套如果条件,但后来我发现这在默认的EXIMconfiguration:
REMOTE_SMTP_RETURN_PATH=${if match_domain{$sender_address_domain}{+local_domains}{${sender_address_local_part}@DCreadhost}{${if match_domain{$sender_address_domain}{ETC_MAILNAME}{${sender_address_local_part}@DCreadhost}fail}}}
为什么嵌套的条件不适用于我的情况? 有没有办法为tls证书制定类似的条件?
我相信你错过了一个右括号。 提示:当testing它时,请尝试编写这样的条件,以便在出现类似这样的问题时进行debugging:
${ if exists{/etc/exim4/ipssl/${received_ip_address}.crt} { /etc/exim4/ipssl/${received_ip_address}.crt } { ${ if exists{/etc/exim4/ssl/${tls_sni}.crt} { /etc/exim4/ssl/${tls_sni}.crt } { /etc/exim4/ssl/exim.crt } } } } <--