RE: Problem signing MultipleSignatures from LDAP

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Murray S. Kucherawy <msk_at_cloudmark.com>
Date: Mon, 21 Nov 2011 11:44:56 -0800

> -----Original Message-----
> From: opendkim-users-bounce_at_lists.opendkim.org [mailto:opendkim-users-bounce_at_lists.opendkim.org] On Behalf Of Patrick Ben Koetter
> Sent: Monday, November 21, 2011 11:34 AM
> To: opendkim-users_at_lists.opendkim.org
> Subject: Re: Problem signing MultipleSignatures from LDAP
>
> root_at_play:~# opendkim -Q
> opendkim: enter data set description
> csl:entry1[,entry2[,...]]
> file:path
> refile:path
> db:path
> dsn:<backend>://[user[:pwd]_at_][port+]host/dbase[/key=val[?...]]
> ldapscheme://host[:port][/dn[?attrs[?scope[?filter[?exts]]]]]
> lua:path
> >
> ldap://localhost/ou=people,dc=example,dc=com?DKIMIdentity,DKIMSelector
> > ,DKIMKey,?sub?(DKIMSelector=$d)
> opendkim: enter 'query/n' where 'n' is number of fields to request
> > alice-2011/3
> 'alice_at_play.state-of-mind.de'
> 'alice-2011'
> '-----BEGIN RSA PRIVATE KEY-----
> [...]

The first field of your KeyTable should be the signing domain name, not a full signer identity.

If you want to set "i=", you should include that as the second field of the SigningTable.

-MSK
Received on Mon Nov 21 2011 - 19:45:08 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:21 PST