We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Exim paniclog, DKIM, unable to open private key file for reading
-
- Posts: 2
- Joined: Fri May 06, 2016 7:05 pm
Exim paniclog, DKIM, unable to open private key file for reading
I am running Vesta with chroot plugin and Exim4. I am seeing these errors in my exim paniclog which seem to be due to a permissions issue, but in checking the permissions everything seems ok to me. Does anyone have any ideas?
Line from exim paniclog
2016-05-06 12:29:58 1ayidZ-0006T6-Kn unable to open private key file for reading: /etc/exim4/domains/mydomain.com/dkim.pem
Permissions for /etc/exim4/domains/ are drwxr-xr-x 2 root root
Inside of domains the actual paths to the domains are symbolic links:
lrwxrwxrwx 1 root root 40 Mar 12 22:43 mydomain.com -> /home/username/conf/mail/mydomain.com
Inside of the directory for each domain the dkim.pem has the following permissions:
-rw-rw---- 1 root mail 887 Mar 12 22:43 dkim.pem
Line from exim paniclog
2016-05-06 12:29:58 1ayidZ-0006T6-Kn unable to open private key file for reading: /etc/exim4/domains/mydomain.com/dkim.pem
Permissions for /etc/exim4/domains/ are drwxr-xr-x 2 root root
Inside of domains the actual paths to the domains are symbolic links:
lrwxrwxrwx 1 root root 40 Mar 12 22:43 mydomain.com -> /home/username/conf/mail/mydomain.com
Inside of the directory for each domain the dkim.pem has the following permissions:
-rw-rw---- 1 root mail 887 Mar 12 22:43 dkim.pem
Re: Exim paniclog, DKIM, unable to open private key file for reading
yeah it does look okay, chrooted is root:mail is fine otherwise dkim.pem would be exim:mail, try deselecting the dkim support under the Email > Editing Mail Domain > DKIM Support UNTICK and save, then navigate away from email tab to dns or whatever, log into ssh, remove the dkim.key if its still in the /etc/exim4/domains/example.com/ folder...restart exim, wait for a minute... then navigate back to Email in vestacp panel for the domain and tick DKIM Support and save, then take another look in exim4/domains folder, if still no luck, someone else might have to chime in to take a look, might be a bug.
-
- Posts: 2
- Joined: Fri May 06, 2016 7:05 pm
Re: Exim paniclog, DKIM, unable to open private key file for reading
That did the trick, seems like it wants the owner of dkim.pem to be Debian-exim. I'm guessing something in the chroot plugin installation script neglected to change permissions.
-rw-rw---- 1 Debian-exim mail 887 May 9 08:41 dkim.pem
-rw-rw---- 1 Debian-exim mail 887 May 9 08:41 dkim.pem
Re: Exim paniclog, DKIM, unable to open private key file for reading
It's worth noting that I faced this exact same problem with two domains that have changed owner. I had used v-change-domain-owner to transfer the domains from userA to userB.
chimerabear, if you too have changed domain ownership with v-change-domain-owner, maybe there's a bug somewhere in that script...
chimerabear, if you too have changed domain ownership with v-change-domain-owner, maybe there's a bug somewhere in that script...
-
- Posts: 29
- Joined: Sun Dec 13, 2015 6:18 pm
Re: Exim paniclog, DKIM, unable to open private key file for reading
I got this same issue happen. I recently migrated servers and did a backup on the accounts then v-restore-user.
ownership for dkim.pem was root mail so I changed them to Debian-exim mail. testing out if this fixed my error message in the paniclog which was "unable to open private key file for reading".
thanks for the heads up. I did not remove the dkim.pem, I just appended the permissions.
ownership for dkim.pem was root mail so I changed them to Debian-exim mail. testing out if this fixed my error message in the paniclog which was "unable to open private key file for reading".
thanks for the heads up. I did not remove the dkim.pem, I just appended the permissions.
Re: Exim paniclog, DKIM, unable to open private key file for reading
Fixed - https://github.com/serghey-rodin/vesta/ ... dfaff41ee7
Fix will be available in v18.
(or you can apply patch from github)
Fix will be available in v18.
(or you can apply patch from github)