[nsd-users] dkim + zone file issues
Matthijs Mekking
matthijs at nlnetlabs.nl
Mon Jul 28 09:13:11 UTC 2014
Hi,
On 07/11/2014 08:22 PM, shmick at riseup.net wrote:
> i run nsd 4.0.3 and can't for the life of me seem to get a dkim record
> accepted and propagated
>
> cmds used:
>
> $ dnssec-keygen -a ECDSAP384SHA384 example.com
> $ dnssec-keygen -a ECDSAP384SHA384 -f KSK example.com
> $ cat Kexample.com*.key >> example.com
> $ dnssec-signzone -o example.com example.com
>
> ive used the usual bind dnssec tools and followed your dnssec howto tute
> to gen keys but they never pass the final cmd complaining about the dkim
> entry
>
> dnssec-signzone: error: dns_rdata_fromtext: example.com:24: syntax error
> dnssec-signzone: fatal: failed loading zone from 'example.com': syntax error
>
> the only way i get it to work and for it to produce the signed zone file
> is to simply remove the dkim entry altogether, which does succeed
It looks like a dnssec-signzone issue and you should contact ISC about that.
>
> what is my dkim entry ?
>
> mail._domainkey.example.com. IN TXT ("v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0B
This is probably not the complete record, if it is: it misses the final
quotes and parentheses.
Best regards,
Matthijs
>
> no spaces between tags, no spaces for entire p tag
>
> i saw an earlier ticket whereby a member said creating a space between
> brackets, or trying specifying the public key on different lines
> enclosed in talking marks and ive tried all manner of combinations but
> its not making sense from this point on
>
> _______________________________________________
> nsd-users mailing list
> nsd-users at NLnetLabs.nl
> http://open.nlnetlabs.nl/mailman/listinfo/nsd-users
>
More information about the nsd-users
mailing list