Comment 2 for bug 1708917

martin (martin-bendsoe) wrote : Re: [Bug 1708917] Re: dkim.KeyFormatError Letsencrypt Privkey

Thanks for the answer. Yeah I found out that I needed another key. Created
one with opendkim-genkey command. Some more documentation about what kind
of key and how to create one would be nice to not be confused with TLS keys.

Thanks, Martin

On 7 August 2017 at 10:36, William Grant <email address hidden> wrote:

> dkimpy expects the private key to be encoded as DER, not PEM. You can
> convert the key with "openssl rsa -in privkey.pem -outform der -out
> privkey.der".
>
> However, you probably want to use a dedicated key for DKIM, not one that
> is used for a certificate issued by Let's Encrypt -- DKIM doesn't use
> X.509 certificates, just PKCS #1 keys in which trust is directly
> provided by DNS records.
>
> ** Changed in: dkimpy
> Status: Incomplete => Invalid
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1708917
>
> Title:
> dkim.KeyFormatError Letsencrypt Privkey
>
> Status in dkimpy:
> Invalid
>
> Bug description:
> Got a letsencrypt.org key and it's not parseable?
>
> private_key = open("privkey.pem", "rb").read()
>
> dkim.sign(message=message.encode("utf-8"),
> selector="DefaultPublicKey", domain=domain_name, privkey=private_key)
>
>
> File "/usr/local/lib/python3.5/dist-packages/dkim/crypto.py", line
> 130, in parse_private_key
> pka = asn1_parse(ASN1_RSAPrivateKey, data)
> File "/usr/local/lib/python3.5/dist-packages/dkim/asn1.py", line 85,
> in asn1_parse
> r.append(asn1_parse(t[1], data[i:i+length]))
> File "/usr/local/lib/python3.5/dist-packages/dkim/asn1.py", line 92,
> in asn1_parse
> "Unexpected tag (got %02x, expecting %02x)" % (tag, t[0]))
> dkim.asn1.ASN1FormatError: Unexpected tag (got 30, expecting 02)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/dkimpy/+bug/1708917/+subscriptions
>
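
The tag mismatch in the quoted traceback (got 30, expecting 02), shown as an added example that is not part of the original thread or of dkimpy: a standard-library check that tells a PKCS #1 RSAPrivateKey from a PKCS #8 PrivateKeyInfo wrapper by the element that follows the version INTEGER. It assumes the reported key was PKCS #8 wrapped; the function names and the sample keys are constructed for illustration.

```python
import base64
import re

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def to_der(blob):
    """Strip PEM armor if present; otherwise treat the input as DER."""
    m = re.search(rb"-----BEGIN ([A-Z ]+)-----(.*?)-----END \1-----", blob, re.S)
    return base64.b64decode(m.group(2)) if m else blob

def classify_private_key(blob):
    """Classify by the tag of the element that follows the version INTEGER."""
    der = to_der(blob)
    tag, start, _ = read_tlv(der, 0)
    if tag != 0x30:
        return "not a DER SEQUENCE"
    tag, _, after_version = read_tlv(der, start)
    if tag != 0x02:
        return "unknown"
    tag, _, _ = read_tlv(der, after_version)
    if tag == 0x02:
        return "PKCS#1 RSAPrivateKey"       # next field is the modulus INTEGER
    if tag == 0x30:
        return "PKCS#8 PrivateKeyInfo"      # next field is the AlgorithmIdentifier SEQUENCE
    return "unknown"

def tlv(tag, value):
    """Minimal DER encoder for the constructed samples below (short lengths only)."""
    assert len(value) < 128
    return bytes([tag, len(value)]) + value

# Constructed samples: shaped like key structures, but the integers are toy values.
VERSION = tlv(0x02, b"\x00")
PKCS1 = tlv(0x30, VERSION + b"".join(tlv(0x02, bytes([n])) for n in (0x55, 3, 7, 5, 11, 1, 1, 1)))
RSA_ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + tlv(0x05, b""))
PKCS8 = tlv(0x30, VERSION + RSA_ALG + tlv(0x04, PKCS1))
PKCS8_PEM = b"-----BEGIN PRIVATE KEY-----\n" + base64.b64encode(PKCS8) + b"\n-----END PRIVATE KEY-----\n"
```

Running `classify_private_key` on a key file before handing it to a signer shows whether it is a bare RSA key or a PKCS #8 container, independent of the PEM or DER encoding.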