GnuTLS and Ed25519

From: Alice Wonder <alice_at_librelamp.com>
Date: Wed, 19 Dec 2018 10:00:59 -0800

Hi -

OpenDKIM 2.11.0 Beta2 w/ patch from
https://github.com/trusteddomainproject/OpenDKIM/issues/33

Built against GnuTLS 3.6.5 / Nettle 3.4.1

It works beautifully with rsa-sha256

If I try ed25519-sha256 I get an error:

opendkim.service: main process exited, code=killed, status=6/ABRT

This is what the private key looks like (yes I'm aware this one is now no
longer usable):

-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEINRFq9VHSh4sso/vsSITQzBWWpdVzIOk6oTmHs26rzAp
-----END PRIVATE KEY-----

I can use certtool from GnuTLS to generate a self-signed cert from the
private key so I know GnuTLS is able to work with it.

My question of course is, does OpenDKIM expect Ed25519 private keys to
be in a different format than base64 encoded ASN.1 DER?

Or is it an issue with the build? Or support just not finished yet?

Playing around I tried a private key file with just a base64 encoding of
the raw bytes, and in that case OpenDKIM doesn't crash but I do get an
obvious error from GnuTLS function stating it can't import it.

Any suggestions appreciated. Mainly I'm just looking to be able to test
validation, but I have to be able to sign to have something to test
validation with ;)
Received on Wed Dec 19 2018 - 18:01:15 PST
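
The two key encodings tried in the message above, as an added example that is not part of the original post and not OpenDKIM or GnuTLS code: the PEM body is a 48-byte PKCS#8 PrivateKeyInfo (RFC 8410) whose last 32 bytes are the raw Ed25519 seed. The function names are hypothetical, and the example says nothing about which form OpenDKIM expects.

```python
import base64

# Key body copied from the message above (its author notes it is retired).
PEM_BODY = "MC4CAQAwBQYDK2VwBCIEINRFq9VHSh4sso/vsSITQzBWWpdVzIOk6oTmHs26rzAp"
ED25519_OID = bytes.fromhex("2b6570")  # 1.3.101.112, id-Ed25519 (RFC 8410)


def read_tlv(buf, pos, want_tag):
    """Read one short-form DER TLV at pos; return (value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos] != want_tag:
        raise ValueError(f"expected tag 0x{want_tag:02x} at offset {pos}")
    length = buf[pos + 1]
    if length & 0x80:
        raise ValueError("long-form length not expected in a 48-byte key")
    end = pos + 2 + length
    if end > len(buf):
        raise ValueError("truncated DER")
    return buf[pos + 2:end], end


def ed25519_seed_from_pkcs8(der):
    """Unwrap PKCS#8 PrivateKeyInfo and return the 32-byte Ed25519 seed."""
    body, end = read_tlv(der, 0, 0x30)          # PrivateKeyInfo SEQUENCE
    if end != len(der):
        raise ValueError("trailing bytes after PrivateKeyInfo")
    version, pos = read_tlv(body, 0, 0x02)      # INTEGER version
    alg, pos = read_tlv(body, pos, 0x30)        # AlgorithmIdentifier
    oid, _ = read_tlv(alg, 0, 0x06)
    if version != b"\x00" or oid != ED25519_OID:
        raise ValueError("not a v1 Ed25519 PKCS#8 key")
    wrapped, _ = read_tlv(body, pos, 0x04)      # privateKey OCTET STRING
    seed, _ = read_tlv(wrapped, 0, 0x04)        # inner CurvePrivateKey
    if len(seed) != 32:
        raise ValueError("Ed25519 seed must be 32 bytes")
    return seed


def describe_key_text(b64_text):
    """Classify base64 key text as 'pkcs8-der', 'raw-seed' or 'unknown'."""
    data = base64.b64decode(b64_text, validate=True)
    if len(data) == 32:
        return "raw-seed"
    try:
        ed25519_seed_from_pkcs8(data)
        return "pkcs8-der"
    except ValueError:
        return "unknown"
```

`describe_key_text(PEM_BODY)` returns `"pkcs8-der"`; re-encoding the extracted seed with base64 and passing that text returns `"raw-seed"`, the second form the message describes.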
