starred/dkim-exchange-Pro
1
0
Fork 0
mirror of https://github.com/Pro/dkim-exchange.git synced 2026-04-25 08:55:52 +03:00
Code Issues 4 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #109] MS Exchange Transport crash if private key is locked by another app #89

New issue
Closed
opened 2026-02-26 10:35:46 +03:00 by kerem · 13 comments
kerem commented 2026-02-26 10:35:46 +03:00
Owner
Copy link

Originally created by @stevemayster on GitHub (Nov 11, 2015).
Original GitHub issue: https://github.com/Pro/dkim-exchange/issues/109

Hello.
Recently install dkim-exchange and faced with issue.
In event log appears a error event like this:
Couldn't load the key key for domain example.com. Error message: Invalid DER format for key. (The process cannot access the file because it is being used by another process.) and when message transport crash and queue database is rebuilded.
Based on my research file maybe locked by antivirus software and backup software.
And now i don't now what to do.
I cannot backup server and i can't stop av software(it's not safe)
Per my understanding transport agent addresses to private key every time then it sign a message.
Is it possible to maybe load key to memory?

Originally created by @stevemayster on GitHub (Nov 11, 2015). Original GitHub issue: https://github.com/Pro/dkim-exchange/issues/109 Hello. Recently install dkim-exchange and faced with issue. In event log appears a error event like this: Couldn't load the key key for domain example.com. Error message: Invalid DER format for key. (The process cannot access the file because it is being used by another process.) and when message transport crash and queue database is rebuilded. Based on my research file maybe locked by antivirus software and backup software. And now i don't now what to do. I cannot backup server and i can't stop av software(it's not safe) Per my understanding transport agent addresses to private key every time then it sign a message. Is it possible to maybe load key to memory?
kerem closed this issue 2026-02-26 10:35:46 +03:00
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@gogglespisano commented on GitHub (Nov 11, 2015):

Are you using 2.1.8? I think the latest version only loads the keys on start or a settings change.

<!-- gh-comment-id:155913788 --> @gogglespisano commented on GitHub (Nov 11, 2015): Are you using 2.1.8? I think the latest version only loads the keys on start or a settings change.
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 12, 2015):

Hello gogglespisano.
No at that moment stable version is 2.1.7.
I think we need to wait what will Pro says)

<!-- gh-comment-id:156009194 --> @stevemayster commented on GitHub (Nov 12, 2015): Hello gogglespisano. No at that moment stable version is 2.1.7. I think we need to wait what will Pro says)
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@Pro commented on GitHub (Nov 12, 2015):

You should upgrade to 2.1.8
We (esp. @gogglespisano) did some performance improvement which most probably fixes your issue. In v2.1.7 the key was loaded again for each mail.

One strange thing here:
The EdgeTtansport service should never crash because we catch all exceptions within the signer, so there may still be an issue somewhere else...

<!-- gh-comment-id:156022154 --> @Pro commented on GitHub (Nov 12, 2015): You should upgrade to 2.1.8 We (esp. @gogglespisano) did some performance improvement which most probably fixes your issue. In v2.1.7 the key was loaded again for each mail. One strange thing here: The EdgeTtansport service should never crash because we catch all exceptions within the signer, so there may still be an issue somewhere else...
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 12, 2015):

Hello Pro.
Thanks for answer.
In log i found another error
Watson report about to be sent for process id: 12228, with parameters: E12, c-RTL-AMD64, 14.03.0158.001, edgetransport, mscorlib, S.S.C.CryptographicException.ThrowCryptogaphicException, S.S.Cryptography.CryptographicException, 202c, 02.00.50727.5477.
ErrorReportingEnabled: False
Maybe this help?
I think it's because Kaspersky AV doing something with key.

<!-- gh-comment-id:156030719 --> @stevemayster commented on GitHub (Nov 12, 2015): Hello Pro. Thanks for answer. In log i found another error Watson report about to be sent for process id: 12228, with parameters: E12, c-RTL-AMD64, 14.03.0158.001, edgetransport, mscorlib, S.S.C.CryptographicException.ThrowCryptogaphicException, S.S.Cryptography.CryptographicException, 202c, 02.00.50727.5477. ErrorReportingEnabled: False Maybe this help? I think it's because Kaspersky AV doing something with key.
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@Pro commented on GitHub (Nov 12, 2015):

@AlxVD do you also use Kaspersky AV?

@stevemayster does this happen for every email or just some random ones?

<!-- gh-comment-id:156032608 --> @Pro commented on GitHub (Nov 12, 2015): @AlxVD do you also use Kaspersky AV? @stevemayster does this happen for every email or just some random ones?
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 12, 2015):

@Pro It's random, i do everything to put key in exception in Kaspersky, but i think Kaspersky just don't care about exception and then it read this key error ocurred. Error also ocurred then backup is going on but then it's goes match softer and don't brake exchange transport, just complaints about key is locked,

<!-- gh-comment-id:156037241 --> @stevemayster commented on GitHub (Nov 12, 2015): @Pro It's random, i do everything to put key in exception in Kaspersky, but i think Kaspersky just don't care about exception and then it read this key error ocurred. Error also ocurred then backup is going on but then it's goes match softer and don't brake exchange transport, just complaints about key is locked,
kerem commented 2026-02-26 10:35:47 +03:00
Author
Owner
Copy link

@Pro commented on GitHub (Nov 12, 2015):

Can you upgrade to v2.1.8?

<!-- gh-comment-id:156039006 --> @Pro commented on GitHub (Nov 12, 2015): Can you upgrade to v2.1.8?
kerem commented 2026-02-26 10:35:48 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 12, 2015):

Pro it's production so i can do it only on weekend.
I notify you then.

<!-- gh-comment-id:156041577 --> @stevemayster commented on GitHub (Nov 12, 2015): Pro it's production so i can do it only on weekend. I notify you then.
kerem commented 2026-02-26 10:35:48 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 12, 2015):

@Pro To upgrade without Configuration.DkimSigner.exe i need to run uninstall script and then install script,right? Or i can just replace some lib?

<!-- gh-comment-id:156094949 --> @stevemayster commented on GitHub (Nov 12, 2015): @Pro To upgrade without Configuration.DkimSigner.exe i need to run uninstall script and then install script,right? Or i can just replace some lib?
kerem commented 2026-02-26 10:35:48 +03:00
Author
Owner
Copy link

@AlxVD commented on GitHub (Nov 12, 2015):

There is no Kaspersky AV on my server.
I'm still at 2.1.7... will try to upgrade.

<!-- gh-comment-id:156097428 --> @AlxVD commented on GitHub (Nov 12, 2015): There is no Kaspersky AV on my server. I'm still at 2.1.7... will try to upgrade.
kerem commented 2026-02-26 10:35:48 +03:00
Author
Owner
Copy link

@Pro commented on GitHub (Nov 12, 2015):

@stevemayster for manual update you can just replace the .dll with the one from here:
https://github.com/Pro/dkim-exchange/tree/master/Src/Exchange.DkimSigner/bin
The file is locked by the MSExchangeTransport service, so you need to stop it for this short time to overwrite it.

Then you should also update the .exe from here (download all the files):
https://github.com/Pro/dkim-exchange/tree/master/Src/Configuration.DkimSigner/bin/Release

<!-- gh-comment-id:156107472 --> @Pro commented on GitHub (Nov 12, 2015): @stevemayster for manual update you can just replace the .dll with the one from here: https://github.com/Pro/dkim-exchange/tree/master/Src/Exchange.DkimSigner/bin The file is locked by the MSExchangeTransport service, so you need to stop it for this short time to overwrite it. Then you should also update the .exe from here (download all the files): https://github.com/Pro/dkim-exchange/tree/master/Src/Configuration.DkimSigner/bin/Release
kerem commented 2026-02-26 10:35:48 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 12, 2015):

Pro,thanks!

<!-- gh-comment-id:156111019 --> @stevemayster commented on GitHub (Nov 12, 2015): Pro,thanks!
kerem commented 2026-02-26 10:35:48 +03:00
Author
Owner
Copy link

@stevemayster commented on GitHub (Nov 16, 2015):

Hello @Pro!
I update to 2.1.8 in saturday.
It's quite early to say but i think issue resolved, i don't see any error in App.log.
Thank you and @gogglespisano for great work!

<!-- gh-comment-id:156943331 --> @stevemayster commented on GitHub (Nov 16, 2015): Hello @Pro! I update to 2.1.8 in saturday. It's quite early to say but i think issue resolved, i don't see any error in App.log. Thank you and @gogglespisano for great work!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dependabot/nuget/Src/Configuration.DkimSigner/MimeKit-4.7.1
Ed25519-SHA256
feature/dkim-verify
coverity_scan
v3.4.1.2
v3.4.2
v3.4.1.1
v3.4.1
v3.4.0
v3.3.4
v3.3.3
v3.3.2
v3.3.1
v3.2.9
v3.2.8
v3.2.7
3.2.6
v3.2.5
v3.2.4
v3.2.4-alpha
v3.2.3.1
v3.2.3
v3.2.2
v3.2.0
v3.1.0
v3.0.13
v3.0.12
v3.0.11
v3.0.10
v3.0.9
v3.0.8
v3.0.7
v3.0.6
v3.0.5
v3.0.4
v3.0.3
v3.0.2
v3.0.1
v3.0.0
v3.0.0-beta.2
v3.0.0-beta
v2.1.8
v2.1.7
v2.1.6
v2.1.5
v2.1.5-beta.2
v2.1.5-beta
v2.1.4
v2.1.3
v.2.1.2
v2.1.1
v2.1.0
v2.0.3
v2.0.2
v2.0.1
v2.0.0-beta.4
v2.0.0-rc.1
v2.0.0-beta.3
v2.0.0-beta.2
v2.0.0-beta
v2.0.0-alpha.1
v2.0.0-alpha
v1.8.3
1.8.2
v1.8.1
v1.8.0
v1.7.0
v1.6.0
v1.5.2
Labels
Clear labels   
agent

   
agent

   
bug

   
bug

   
enhancement

   
gui

   
invalid

   
need-info

   
question

   
wontfix
No labels
agent
agent
bug
bug
enhancement
gui
invalid
need-info
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/dkim-exchange-Pro#89
No description provided.