From f3127dc857cdf16417ecf2b1c1da102b787f40b1 Mon Sep 17 00:00:00 2001
From: SecurityGuy <securityguy@users.noreply.github.com>
Date: Wed, 3 Jan 2024 08:08:39 -0500
Subject: [PATCH] Generate working DKIM keys by adding -traditional flag and
 update NGINX instructions to avoid breaking certbot (#1989)

* Update README.md

Add -traditional option to openssl genrsa to avoid Python DKIM library (dkimpy) error that prevents email from being sent:

dkim.asn1.ASN1FormatError: Unexpected tag (got 30, expecting 02)

Ref: https://bugs.launchpad.net/dkimpy/+bug/1708917

* Update NGINX instructions

Include warning to delete /etc/nginx/sites-enabled/default to avoid a conflict that breaks certbot.
---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a49ac5de..cc0cbb9a 100644
--- a/README.md
+++ b/README.md
@@ -74,7 +74,7 @@ Setting up DKIM is highly recommended to reduce the chance your emails ending up
 First you need to generate a private and public key for DKIM:
 
 ```bash
-openssl genrsa -out dkim.key 1024
+openssl genrsa -out dkim.key -traditional 1024
 openssl rsa -in dkim.key -pubout -out dkim.pub.key
 ```
 
@@ -515,6 +515,8 @@ server {
 }
 ```
 
+Note: If `/etc/nginx/sites-enabled/default` exists, delete it or certbot will fail due to the conflict. The `simplelogin` file should be the only file in `sites-enabled`.
+
 Reload Nginx with the command below
 
 ```bash