Error "Cannot read key length from CSR" when using ED25519 key

[metachris]

Latest acme.sh is giving this error when using a CSR signed with an ED25519 key.

acme.sh --signcsr --csr csr.pem --standalone
[Mon May 26 07:35:32 UTC 2025] Cannot read key length from CSR: csr.pem

Here's steps to reproduce:

# Create private key
openssl genpkey -algorithm ed25519 -out key.pem

# Create TLS cert
openssl req -noenc -x509 -key key.pem -out cert.pem -sha256 -days 90 -nodes -subj "/O=BuilderNet/CN=foo.test.com"

# Create CSR from cert
openssl x509 -x509toreq -signkey key.pem -in cert.pem -out csr.pem

# Show CSR details
openssl req -in csr.pem -text -noout

# Use acme.sh to do the ACME dance and get trusted cert chain
acme.sh --signcsr --csr csr.pem --standalone

[github-actions]

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

[metachris]

It's already on the latest version:

acme.sh --version
https://github.com/acmesh-official/acme.sh
v3.1.2

[metachris]

here's the output with --debug 2:

acme.sh --signcsr --csr csr.pem --standalone --debug 2
[Mon May 26 08:21:51 UTC 2025] Let's find the script directory.
[Mon May 26 08:21:51 UTC 2025] _SCRIPT_='/root/.acme.sh/acme.sh'
[Mon May 26 08:21:51 UTC 2025] _script='/root/.acme.sh/acme.sh'
[Mon May 26 08:21:51 UTC 2025] _script_home='/root/.acme.sh'
[Mon May 26 08:21:51 UTC 2025] Using config home: /root/.acme.sh
[Mon May 26 08:21:51 UTC 2025] LE_WORKING_DIR='/root/.acme.sh'
https://github.com/acmesh-official/acme.sh
v3.1.2
[Mon May 26 08:21:51 UTC 2025] Running cmd: signcsr
[Mon May 26 08:21:51 UTC 2025] _csrsubj='foo.test.com'
[Mon May 26 08:21:51 UTC 2025] _csrsubj='foo.test.com'
[Mon May 26 08:21:52 UTC 2025] _dnsAltnames
[Mon May 26 08:21:52 UTC 2025] AltNames doesn't contain subject
[Mon May 26 08:21:52 UTC 2025] _csrdomainlist
[Mon May 26 08:21:52 UTC 2025] _outcsr='Certificate Request:
    Data:
        Version: 1 (0x0)
        Subject: O=BuilderNet, CN=foo.test.com
        Subject Public Key Info:
            Public Key Algorithm: ED25519
                ED25519 Public-Key:
                pub:
                    97:6e:a7:de:e4:6d:c8:4a:b2:03:79:4d:99:37:b6:
                    91:74:0e:b7:30:8c:2b:eb:b4:d1:b8:e7:bc:1f:65:
                    11:37
        Attributes:
            (none)
            Requested Extensions:
    Signature Algorithm: ED25519
    Signature Value:
        c7:cd:5a:9d:77:26:31:36:25:75:26:d5:c3:44:db:38:45:4f:
        bc:95:fb:bc:d3:d9:e1:e6:de:a3:6c:e4:4f:86:36:5e:d0:d2:
        5b:62:77:7a:aa:03:f9:04:6a:a9:d9:5d:85:41:9a:bd:eb:73:
        97:e8:d2:c5:63:8c:e7:e8:64:07'
[Mon May 26 08:21:52 UTC 2025] RSA CSR
[Mon May 26 08:21:52 UTC 2025] Cannot read key length from CSR: csr.pem