Reply

TXT record for DKIM key limited to 512 characters

New Member
Posts: 4
1391     0

Hello,

Since the upgrade from NIOS version 8.6 to 9.0.3 I can no longer create TXT records of more than 512 characters. As you can imagine, this poses a problem when creating DKIM keys of 2048 or 4096 characters.

Do you have the same problem ?

Thank you for your help

Re: TXT record for DKIM key limited to 512 characters

New Member
Posts: 4
1391     0

I specify that my key is divided into substrings of less than 255 characters.

Re: TXT record for DKIM key limited to 512 characters

New Member
Posts: 4
1391     0

Look no further, DKIM of 4096 does not appear on Infoblox. Max 2048 😊
On occasion it would be good to be able to accept 4096 keys, we may be forced by certain regulators to use these very very long keys

Re: TXT record for DKIM key limited to 512 characters

New Member
Posts: 3
1391     0

I tried the same to no avail, keep getting the "cannot exceed 512 characters" error.

 

I thought I did understand what you meant with "substrings" but obviously I did not.

I tried this as the value for the "text" column in the input file:

 

part1 part2 part3

or

 

"""part1"" ""part2"" ""part3"""

 

but no luck.

Each part is less than 255 chars long.

The same input format works if the total length of the concatenated parts is less than 512.

 

Can you please provide a sample input file?

Re: TXT record for DKIM key limited to 512 characters

New Member
Posts: 1
1391     0

A TXT record for a DKIM key is limited to 512 characters. If your DKIM key exceeds this limit, you'll need to split it into multiple TXT records. Each segment should be properly formatted and then combined by your DNS provider to ensure the full key is correctly interpreted.

Regarding
[KhanZain]
SoftwareDeveloper

Re: TXT record for DKIM key limited to 512 characters

New Member
Posts: 3
1391     0

Hi,

 

 turned out the DKIM TXT record was invalid. Regular BIND-9 does not care about the total length as long as the individual parts are below the 255 character limit. It seems like the customer has put the Base64 encoded private key in the (recently added) TXT record instead of the public key.

 

 Tried one of the online DKIM generators and even with a 4096 bit key the resulting TXT record value fits the 512 character (byte) limit when using substrings as indicated before.

 

 As a side note using multiple TXT records would not work IMHO as it would be unclear how to concatenate their RDATA in the correct order. Especially if DKIM is not the only kind of TXT record that is present for the domain name (e.g. see TXT RRs for infoblox.com).

 

Regards

 Thomas

Showing results for 
Search instead for 
Did you mean: 

Recommended for You