Creates an RSA keypair and extract its public key for DKIM publication via DNS.
Assumes Linux or a similar operating system and bash
or a similar shell.
Uses openssl
, sed
, tr
, and paste
.
The name example
can be replaced with whatever you choose.
- Create the keypair
openssl genrsa -out example.private.key 2048
The keypair may be used by the mailer to generate a hash for each message.
- Extract public key from keypair
openssl rsa -in example.private.key -pubout -out example.public.key
- Extract and display DKIM p value from public key
sed 's/---.*---//' example.public.key | tr -d '\n' | paste > example.public.txt
cat example.public.txt
The p value may be used in the DNS TXT record.
This can also be done as a one-liner with no intermediate files.
openssl genrsa -out example.private.key 2048 && openssl rsa -in example.private.key -pubout 2>/dev/null | sed 's/---.*---//' | tr -d '\n' | paste