Skip to content

Instantly share code, notes, and snippets.

@curt

curt/dkim-rsa-keypair-dns-txt.md

Created February 14, 2023 12:57
Show Gist options
  • Save curt/6087dfd54133c2ff4739af20d5ab9190 to your computer and use it in GitHub Desktop.
Save curt/6087dfd54133c2ff4739af20d5ab9190 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
dkim-rsa-keypair-dns-txt.md

DKIM Keypair Generation

Creates an RSA keypair and extract its public key for DKIM publication via DNS.

Assumes Linux or a similar operating system and bash or a similar shell.

Uses openssl, sed, tr, and paste.

The name example can be replaced with whatever you choose.

Steps

  1. Create the keypair
openssl genrsa -out example.private.key 2048

The keypair may be used by the mailer to generate a hash for each message.

  1. Extract public key from keypair
openssl rsa -in example.private.key -pubout -out example.public.key
  1. Extract and display DKIM p value from public key
sed 's/---.*---//' example.public.key | tr -d '\n' | paste > example.public.txt
cat example.public.txt

The p value may be used in the DNS TXT record.

One-liner

This can also be done as a one-liner with no intermediate files.

openssl genrsa -out example.private.key 2048 && openssl rsa -in example.private.key -pubout 2>/dev/null | sed 's/---.*---//' | tr -d '\n' | paste
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment