Broken path to DKSignerKey

Support General Configuration
1

Hello,
I have strange problem with signing messeges by a domain key.
I followed steps from this tutorial - https://www.axigen.com/knowledgebase/Axigen-internal-DomainKeys-services_328.html.
I provided certs\DK_Key.pem in “DK Key Path” field.
Sended message stuck in Queue with PROCESSING ERROR as a status.

My Queue Processing log contains these lines:

2020-01-23 16:39:57 +0100 02 URANOS PROCESSING:0026A76D: Unable to open key file "C:\Axigen Mail Server\\"C:\Axigen Mail Server\certs\DK_Key.pem"": File name, directory name or volume label syntax is incorrect.
2020-01-23 16:39:57 +0100 02 URANOS PROCESSING:0026A76D: Error executing instruction
2020-01-23 16:39:57 +0100 02 URANOS PROCESSING:0026A76D: [onProcessing] Errors executing onProcessing event
2020-01-23 16:39:57 +0100 08 URANOS PROCESSING:0026A76D: Finished filtering mail object 26A76D with filter: onProcessing event
2020-01-23 16:39:57 +0100 08 URANOS PROCESSING:0026A76D: Set recipient <mymail@mydomain.com> state to PROCESSING ERROR
2020-01-23 16:39:57 +0100 08 URANOS PROCESSING:0026A76D: Set mail state to PROCESSING ERROR

My smtpFilters.script looks correctly in my opinion:

method DomainKeys_signing {
	set (DKSignerKey, "certs\DK_Key.pem");
	set (DKSignerSelector, "DKIM");
	call (signDomainKeys);
}

Everyone (role) has full access to this file at the moment.
PS. Axigen 10.3.0 for Windows / x64

2

According to the log, the Domainkey lies here: “C:\Axigen Mail Server\“C:\Axigen Mail Server\certs\DK_Key.pem””
That is wrong in so many ways…

The path where your certs lie is relative to the root of you Axigen installation, or to the root of your cert store.
So, all in all try either “\certs\DK_Key.pem” or just “DK_Key.pem”.

3

Hi again, and thank you Jeroen for your response.

Problem solved.
Instead of using mentioned above tutorial, i used this one: https://www.axigen.com/documentation/domainkeys-dkim-p3277108

What has changed in my configuration?

  • Path to .pem file which is now placed in root folder
  • Private & Public key was generated by openssl method, not like previously by online generators :slight_smile: ;
  • My DKIM entry in DNS is now missing “v=DKIM1” parameter which i guessing is correct now (this was always added by these online generators);
  • I used exactly the same order from tutorial and used both DomainKeys and DKIM;
  • I’ve added DomainKeys and DKIM verifying rule

The sent message is now signed by both methods.

2020-02-02 13:28:50 +0100 08 URANOS PROCESSING:000B8110: The message has been signed using DomainKeys
2020-02-02 13:28:50 +0100 08 URANOS PROCESSING:000B8110: The message has been signed using DKIM

It’s working now.

But speaking truly, I don’t know what was wrong.
Unproperly created key pair? DKIM1 thing in DNS entry? Unappropriate order in singing rule? Missing verifying rule?
Dunno.

1 Like