-3

I've generated private key and public key using following commands.

openssl genrsa -des3 -out server.key openssl rsa -in server.key -out server.key.insecure

mv server.key server.key.secure mv server.key.insecure server.key

openssl req -new -key server.key -out server.csr

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

it shows error message while verifying for DKIM that public key(server.crt) should not be longer than 512 character.

jay thaker
  • 1
  • 1
  • You may also wish to read [our canonical question on SPF configuration](http://serverfault.com/questions/369460/what-are-spf-records-and-how-do-i-configure-them). – MadHatter Jan 26 '16 at 13:59
  • You really have a shotgun approach to tagging. Adding tons of irrelevant ones. Oh, and btw - where does SPF appear, outside the tag and title? Because the question is not about SPF but DKIM. – TomTom Jan 26 '16 at 14:30

1 Answers1

2

SPF doesn't use certificates, so you have misunderstood mechanisms used by SPF to stop the use of forged "from" addresses.

SPF is based on set a DNS TXT record in which you specify simple policies of what hosts can send mails using your domain name like this:

v=spf1 mx a:pluto.example.net include:aspmx.googlemail.com -all

You are probably confused with DKIM.

JorSol
  • 299
  • 2
  • 9