Mailu: Support for EC384 in certdumper

Created on 10 Jan 2019  Â·  5Comments  Â·  Source: Mailu/Mailu

The mailu/certdumper cannot extract the key if it's not an RSA one.
I can't seem to find the code for the certdumper either. Is there a repo somewhere?

Attaching to mailu_certdumper_1
certdumper_1  | Thu Jan 10 02:32:18 UTC 2019 Dumping certificates
certdumper_1  | writing RSA key
certdumper_1  | Extracting cert bundle for mail.******
certdumper_1  | Extracting private key for mail.******
certdumper_1  | openssl x509 -inform PEM -in /tmp/work/certs/mail.******.crt > /tmp/work/pem/mail.******-public.pem
certdumper_1  | openssl rsa -in /tmp/work/private/letsencrypt.key -text > /tmp/work/pem/letsencrypt-private.pem
certdumper_1  | writing RSA key
certdumper_1  | openssl rsa -in /tmp/work/private/mail.******.key -text > /tmp/work/pem/mail.******-private.pem
certdumper_1  | 140247081323468:error:0607907F:digital envelope routines:EVP_PKEY_get1_RSA:expecting an rsa key:p_lib.c:287:
certdumper_1  | Thu Jan 10 02:32:18 UTC 2019 Copying certificates
certdumper_1  | '/tmp/work/pem/mail.******-private.pem' -> '/output/key.pem'
certdumper_1  | '/tmp/work/pem/mail.******-public.pem' -> '/output/cert.pem'
certdumper_1  | Setting up watches.
certdumper_1  | Watches established.
typenhancement
Source
picture cupcakearmy
👍1

Most helpful comment

As can be seen in https://github.com/Mailu/Mailu/blob/master/optional/traefik-certdumper/Dockerfile#L5 the certdumper code is from traefik directly and handling of the dumped certs is done by https://github.com/Mailu/Mailu/blob/master/optional/traefik-certdumper/run.sh

picture HorayNarea on 10 Jan 2019
👍2

All 5 comments

As can be seen in https://github.com/Mailu/Mailu/blob/master/optional/traefik-certdumper/Dockerfile#L5 the certdumper code is from traefik directly and handling of the dumped certs is done by https://github.com/Mailu/Mailu/blob/master/optional/traefik-certdumper/run.sh

HorayNarea picture HorayNarea on 10 Jan 2019
👍2

Thanks for the info!
So i guess its not an issue for this repo.
Maybe just add a comment/warning into the Docs to avoid confusion 🙂

cupcakearmy picture cupcakearmy on 10 Jan 2019

I’ll quickly link the issue, just for reference:
https://github.com/containous/traefik/issues/4381

Nebukadneza picture Nebukadneza on 11 Jan 2019
👍1

Hi, I created a more robust tool to dump Traefik certificates.: https://github.com/ldez/traefik-certs-dumper/releases

Note: I'm a Traefik core maintainer :wink:

ldez picture ldez on 11 Feb 2019
1

Hi @ldez ,

sorry for the extremely late replay — and thanks for your great project. That is orders of magnitude cleaner than what i did ^_^. I’ll rebuild our solution using yours. Thanks a bunch!

Nebukadneza picture Nebukadneza on 10 Mar 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

githtz picture githtz  Â·  4Comments
Thorsten1976 picture Thorsten1976  Â·  4Comments
hoellen picture hoellen  Â·  4Comments
Angedestenebres picture Angedestenebres  Â·  3Comments
alizowghi picture alizowghi  Â·  3Comments