Hello,

I have a problem setting up the mail-crypt plugin using global keys.

First of all I prepare keys:

openssl ecparam -genkey -name secp521r1 | openssl pkey -aes-256-cbc -passout pass:foobar | base64 -w0 >ecprivkey.pem
cat ecprivkey_b64.pem |  openssl ec -pubout > ecpubkey.pem

Now I would like to pass these values using the LDAP passdb. My conf is:

userdb ldap {
    driver = ldap
    ldap_filter = ... ldap filter ...
    fields {
      ... other fields ...
      crypt_global_public_key_file = inline:%{ldap:pubkey_in_pem_base64}
      crypt_global_private_key/main/crypt_private_key_file=inline:%{ldap:key_in_pem_base64}
      crypt_global_private_key/main/private_key_password=foobar
    }
}


mail_plugins {
  mail_crypt = yes
}

crypt_global_private_key main {
  # create the filter, but leave its settings empty
}


When I receive an email I get:

lmtp(127004): Fatal: Raw user initialization failed: mail_crypt_plugin: main: Couldn't parse private key : Unknown key format

I want to let you know that if I give the same keys, without base64 encoding, to the
configuration:

crypt_global_private_key main {
  crypt_private_key_file= /path/to/key
}

and:

userdb ldap {
.....
    fields {
      ... other fields ...
#      crypt_global_private_key/main/crypt_private_key_file=inline:%{ldap:key_in_pem_base64}
      ... other fields ...
    }
}

all works.
If I try to retrieve values from LDAP all is ok with:

doveadm user  user@domain

Any suggestion?

Thank you.
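
A way to rule out the key material itself, added here as an example and not part of the original post: the script base64-encodes a key pair as it would be stored in the LDAP attributes, then decodes the values and checks with OpenSSL that the private key opens with the passphrase and matches the public key. Helper names, file names and the temporary directory are assumptions, and the check says nothing about how Dovecot interprets `inline:` values.

```shell
#!/bin/sh
# Added example. File names, helper names and the passphrase are assumptions.

# Create an encrypted EC private key, its public key, and the single-line
# base64 form of each PEM file (the form that would go into an LDAP attribute).
make_keys() {
    dir=$1; pass=$2
    openssl ecparam -genkey -noout -name secp521r1 |
        openssl pkey -aes-256-cbc -passout "pass:$pass" \
            -out "$dir/ecprivkey.pem" || return 1
    openssl pkey -in "$dir/ecprivkey.pem" -passin "pass:$pass" \
        -pubout -out "$dir/ecpubkey.pem" || return 1
    base64 -w0 "$dir/ecprivkey.pem" > "$dir/ecprivkey.b64"
    base64 -w0 "$dir/ecpubkey.pem" > "$dir/ecpubkey.b64"
}

# Succeeds only if the base64 private-key value decodes to a PEM key that
# opens with the passphrase AND its public half equals the stored public key.
check_pair() {
    priv_b64=$1; pub_b64=$2; pass=$3
    derived=$(printf '%s' "$priv_b64" | base64 -d 2>/dev/null |
        openssl pkey -passin "pass:$pass" -pubout 2>/dev/null) || return 1
    stored=$(printf '%s' "$pub_b64" | base64 -d 2>/dev/null |
        openssl pkey -pubin -pubout 2>/dev/null) || return 1
    [ -n "$derived" ] && [ "$derived" = "$stored" ]
}

# Demo on freshly generated (constructed) keys in a temporary directory.
demo() {
    tmp=$(mktemp -d) || return 1
    make_keys "$tmp" foobar || { rm -rf "$tmp"; return 1; }
    if check_pair "$(cat "$tmp/ecprivkey.b64")" "$(cat "$tmp/ecpubkey.b64")" foobar
    then echo "key pair OK"; rc=0
    else echo "key pair MISMATCH or unparsable"; rc=1
    fi
    rm -rf "$tmp"
    return $rc
}
demo
```

To test live data, pass the two attribute values exactly as the directory returns them to `check_pair` together with the passphrase.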