[nsd-users] dkim + zone file issues

[shmick at riseup.net]

Matthijs Mekking wrote:
> Hi,
> 
> On 07/11/2014 08:22 PM, shmick at riseup.net wrote:
>> i run nsd 4.0.3 and can't for the life of me seem to get a dkim record
>> accepted and propagated
>>
>> cmds used:
>>
>> $ dnssec-keygen -a ECDSAP384SHA384 example.com
>> $ dnssec-keygen -a ECDSAP384SHA384 -f KSK example.com
>> $ cat Kexample.com*.key >> example.com
>> $ dnssec-signzone -o example.com example.com
>>
>> ive used the usual bind dnssec tools and followed your dnssec howto tute
>> to gen keys but they never pass the final cmd complaining about the dkim
>> entry
>>
>> dnssec-signzone: error: dns_rdata_fromtext: example.com:24: syntax error
>> dnssec-signzone: fatal: failed loading zone from 'example.com': syntax error
>>
>> the only way i get it to work and for it to produce the signed zone file
>> is to simply remove the dkim entry altogether, which does succeed
> 
> It looks like a dnssec-signzone issue and you should contact ISC about that.

actually, in the end, it was a pedantic formatting error
i just then appended it directly into the zone file by >>
that worked

> 
>>
>> what is my dkim entry ?
>>
>> mail._domainkey.example.com. IN TXT ("v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0B
> 
> This is probably not the complete record, if it is: it misses the final
> quotes and parentheses.

i snipped the rest

> 
> Best regards,
>   Matthijs
> 
>>
>> no spaces between tags, no spaces for entire p tag
>>
>> i saw an earlier ticket whereby a member said creating a space between
>> brackets, or trying specifying the public key on different lines
>> enclosed in talking marks and ive tried all manner of combinations but
>> its not making sense from this point on
>>
>> _______________________________________________
>> nsd-users mailing list
>> nsd-users at NLnetLabs.nl
>> http://open.nlnetlabs.nl/mailman/listinfo/nsd-users
>>
> 
>