today we got a warning in the log which say "Certificate found but
missing Private key. Skipping certificate" for a outgoing mail. The
mail in question was from a user with a valid certificate and a
included private key and in fact it seems that the message got
actually signed because of raising size after the filter by around 10k
(certificate + CA + intermediate CA). Signing outgoing mail has also
worked for this user/address in the past so the question is what could
have triggered this warning??
The warning will only be shown when a private key is manually imported
by importing a PFX file. The warning is only shown when a PFX file
contains a certificate without an associated private key and "skip
Missing private key" checkbox is selected. Did you (or someone) manually
imported a PFX file?
Kind regards,
Martijn
···
On Thu, Feb 4, 2010 at 12:46 PM, <lst_hoe02(a)kwsoft.de> wrote:
_______________________________________________
Users mailing list
Users(a)lists.djigzo.com http://lists.djigzo.com/lists/listinfo/users
Hello
today we got a warning in the log which say "Certificate found
but missing Private key. Skipping certificate" for a outgoing
mail. The mail in question was from a user with a valid
certificate and a included private key and in fact it seems that
the message got actually signed because of raising size after
the filter by around 10k (certificate + CA + intermediate CA).
Signing outgoing mail has also worked for this user/address in
the past so the question is what could have triggered this
warning??
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
The warning will only be shown when a private key is manually imported
by importing a PFX file. The warning is only shown when a PFX file
contains a certificate without an associated private key and "skip
Missing private key" checkbox is selected. Did you (or someone) manually
imported a PFX file?
Urgh, yes...
Timely coincident with the mail described. Why is a "warning" shown if
it is manually selected to not import anything without private key?
Timely coincident with the mail described. Why is a "warning" shown
if it is manually selected to not import anything without private key?
The function that imports the PFX is a general function. The warning was just added to warn that something is skipped.
If you do not want to see the warning you can set it to DEBUG in logger4j config file.
I can change it to DEBUG for the new release?
Kind regards,
Martijn
···
On Thu, 2010-02-04 at 13:58 +0100, lst_hoe02(a)kwsoft.de wrote:
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
> The warning will only be shown when a private key is manually imported
> by importing a PFX file. The warning is only shown when a PFX file
> contains a certificate without an associated private key and "skip
> Missing private key" checkbox is selected. Did you (or someone) manually
> imported a PFX file?
>
Urgh, yes...
Timely coincident with the mail described. Why is a "warning" shown if
it is manually selected to not import anything without private key?
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
Timely coincident with the mail described. Why is a "warning" shown
if it is manually selected to not import anything without private key?
The function that imports the PFX is a general function. The warning
was just added to warn that something is skipped.
If you do not want to see the warning you can set it to DEBUG in
logger4j config file.
I can change it to DEBUG for the new release?
At least for the case when explicitly setting "skip certificates
without private key" it should not warn about it, because we told
djigzo to do so. One should only get a warning if the requested action
is really dangerous like delete something or unexpected not for
actions explicitly requested IMMHO.