Unexpected warning about missing private key

Hello

today we got a warning in the log which say "Certificate found but
missing Private key. Skipping certificate" for a outgoing mail. The
mail in question was from a user with a valid certificate and a
included private key and in fact it seems that the message got
actually signed because of raising size after the filter by around 10k
(certificate + CA + intermediate CA). Signing outgoing mail has also
worked for this user/address in the past so the question is what could
have triggered this warning??

Many Thanks

Andreas

The warning will only be shown when a private key is manually imported
by importing a PFX file. The warning is only shown when a PFX file
contains a certificate without an associated private key and "skip
Missing private key" checkbox is selected. Did you (or someone) manually
imported a PFX file?

Kind regards,

Martijn

···

On Thu, Feb 4, 2010 at 12:46 PM, <lst_hoe02(a)kwsoft.de> wrote:
        _______________________________________________
        Users mailing list
        Users(a)lists.djigzo.com
        http://lists.djigzo.com/lists/listinfo/users
        
        Hello
        
        today we got a warning in the log which say "Certificate found
        but missing Private key. Skipping certificate" for a outgoing
        mail. The mail in question was from a user with a valid
        certificate and a included private key and in fact it seems that
        the message got actually signed because of raising size after
        the filter by around 10k (certificate + CA + intermediate CA).
        Signing outgoing mail has also worked for this user/address in
        the past so the question is what could have triggered this
        warning??
        
        Many Thanks
        
        Andreas

Zitat von Martijn Brinkers <martijn(a)djigzo.com>:

The warning will only be shown when a private key is manually imported
by importing a PFX file. The warning is only shown when a PFX file
contains a certificate without an associated private key and "skip
Missing private key" checkbox is selected. Did you (or someone) manually
imported a PFX file?

Urgh, yes...
Timely coincident with the mail described. Why is a "warning" shown if
it is manually selected to not import anything without private key?

Many Thanks for clarification

Andreas

Timely coincident with the mail described. Why is a "warning" shown
if it is manually selected to not import anything without private key?

The function that imports the PFX is a general function. The warning was just added to warn that something is skipped.
If you do not want to see the warning you can set it to DEBUG in logger4j config file.

I can change it to DEBUG for the new release?

Kind regards,

Martijn

···

On Thu, 2010-02-04 at 13:58 +0100, lst_hoe02(a)kwsoft.de wrote:

Zitat von Martijn Brinkers <martijn(a)djigzo.com>:

> The warning will only be shown when a private key is manually imported
> by importing a PFX file. The warning is only shown when a PFX file
> contains a certificate without an associated private key and "skip
> Missing private key" checkbox is selected. Did you (or someone) manually
> imported a PFX file?
>

Urgh, yes...
Timely coincident with the mail described. Why is a "warning" shown if
it is manually selected to not import anything without private key?

Many Thanks for clarification

Andreas

_______________________________________________
Users mailing list
Users(a)lists.djigzo.com
http://lists.djigzo.com/lists/listinfo/users

Zitat von Martijn Brinkers <martijn(a)djigzo.com>:

Timely coincident with the mail described. Why is a "warning" shown
if it is manually selected to not import anything without private key?

The function that imports the PFX is a general function. The warning
was just added to warn that something is skipped.
If you do not want to see the warning you can set it to DEBUG in
logger4j config file.

I can change it to DEBUG for the new release?

At least for the case when explicitly setting "skip certificates
without private key" it should not warn about it, because we told
djigzo to do so. One should only get a warning if the requested action
is really dangerous like delete something or unexpected not for
actions explicitly requested IMMHO.

Regards

Andreas