Re: [exim] DKIM: signing failed (RC -101)

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MRamana Kumar at <-
MRamana Kumar at ->
Delete this message
Reply to this message
Author: Tom Kistner
Date:  
To: Ramana Kumar
CC: Wolfgang Breyha, exim-users
Subject: Re: [exim] DKIM: signing failed (RC -101)
genpkey seems to be a generic function. I've never used that. Use -genrsa
instead to force rsa. Maybe your openssl defaults to DSA for genpkey.

2012/8/24 Ramana Kumar <ramana@???>

> Sorry, I should have posted this earlier.
> This is the command I used to generate the private key:
>
> openssl genpkey -algorithm RSA -out dkim.private.key
>
> So, no, I didn't use -des3 or -nodes, and I don't think my private key is
> encrypted.
> But maybe exim doesn't like the output of genpkey?
>
>
> On Fri, Aug 24, 2012 at 8:29 PM, Tom Kistner <tom@???> wrote:
>
>> The line you posted shows how you extracted the public portion from the
>> private key.
>>
>> Maybe your private key is encrypted.
>>
>> When you generated the private key, was -des3 or -nodes specified on the
>> commandline, and did openssl ask you for a passphrase?
>>
>> 2012/8/22 Ramana Kumar <ramana@???>
>>
>>> But what could be wrong?
>>>
>>> I generated it like this:
>>> openssl rsa -in dkim.private.key -pubout -out dkim.public.key
>>>
>>> As I understand it the problem is not with whether the public and private
>>> keys match, but with the private key itself. Does openssl (as above) not
>>> generate them in a format exim can read?
>>>
>>> % openssl version
>>> OpenSSL 1.0.1c 10 May 2012
>>>
>>>
>>> On Wed, Aug 22, 2012 at 5:00 PM, Wolfgang Breyha <wbreyha@???>
>>> wrote:
>>>
>>> > Ramana Kumar wrote, on 22.08.2012 10:23:
>>> > > What does RC -101mean? I think it means Exim couldn't read my
>>> private key
>>> > > or something is wrong with my private key.
>>> >
>>> > Reading the source says
>>> > #define PDKIM_ERR_RSA_PRIVKEY      -101

>>> >
>>> > returned by:
>>> >       /* Perform private key operation */
>>> >       if (rsa_parse_key(&rsa, (unsigned char *)sig->rsa_privkey,
>>> >                         strlen(sig->rsa_privkey), NULL, 0) != 0) {
>>> >         return PDKIM_ERR_RSA_PRIVKEY;
>>> >       }

>>> >
>>> > So, yes, there is something wrong with your private key.
>>> >
>>> > Greetings,
>>> > Wolfgang
>>> > --
>>> > Wolfgang Breyha <wbreyha@???> | http://www.blafasel.at/
>>> > Vienna University Computer Center | Austria
>>> >
>>> >
>>> --
>>> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
>>> ## Exim details at http://www.exim.org/
>>> ## Please use the Wiki with this list - http://wiki.exim.org/
>>>
>>
>>
>
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] DKIM: signing failed (RC -101)Re: [exim] DKIM: signing failed (RC -101)->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)