dkim.KeyFormatError Letsencrypt Privkey
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dkimpy |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Got a letsencrypt.org key and its not parseable?
private_key = open("privkey.pem", "rb").read()
dkim.sign(
File "/usr/local/
pka = asn1_parse(
File "/usr/local/
r.append(
File "/usr/local/
"Unexpected tag (got %02x, expecting %02x)" % (tag, t[0]))
dkim.asn1.
Changed in dkimpy: | |
status: | New → Incomplete |
dkimpy expects the private key to be encoded as DER, not PEM. You can convert the key with "openssl rsa -in privkey.pem -outform der -out privkey.der".
However, you probably want to use a dedicated key for DKIM, not one that is used for a certificate issued by Let's Encrypt -- DKIM doesn't use X.509 certificates, just PKCS #1 keys in which trust is directly provided by DNS records.