DKIM – DomainKey Identified Mail public key longer than 512 character [closed]

I’ve generated private key and public key using following commands.

openssl genrsa -des3 -out server.key
openssl rsa -in server.key -out server.key.insecure

mv server.key
mv server.key.insecure server.key

openssl req -new -key server.key -out server.csr

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

it shows error message while verifying for DKIM that public key(server.crt) should not be longer than 512 character.


SPF doesn’t use certificates, so you have misunderstood mechanisms used by SPF to stop the use of forged “from” addresses.

SPF is based on set a DNS TXT record in which you specify simple policies of what hosts can send mails using your domain name like this:

v=spf1 mx -all

You are probably confused with DKIM.

Source : Link , Question Author : jay thaker , Answer Author : JorSol

Leave a Comment