Your question
According to Exporting server state | Stalwart the --include-secrets flag is only client-side, and in order to actually view the secret field, the server must allow it, which is does not by default. Fair enough, secure by design.
However I cannot find any documented permission on the server side, which allows a given user or role to view secret fields.
Just trying to extract the generated DKIM keys, so that they can be backed up, but the question applies equally to any field marked as secret.
The storage can of course be queried directly (RocksDB, Postgres, FoundationDB etc.), but has anybody succeeded in configuring the server to allow viewing the secret contents, using stalwart-cli? It would be useful to be able to script this process and not need to access backend storage directly.
To demonstrate: stalwart-cli -k snapshot DkimSignature --include-secrets --allow-unresolved Tenant,Domain (See the dkimsignature.xxxxx: {privateKey: {secret}} value).
I understand that topics in this category are triaged by a bot first but a human reply will follow up. If I’d prefer a human-only reply, I’ll add the no-ai tag to my topic.
on