1

Topic: Domain key either too big or too small

==== Provide basic information to help troubleshoot ====
- iRedMail version: 0.7.3
- Linux/BSD distribution name and version: Ubuntu Server 11.04
- Any related log? Log is helpful for troubleshooting.
====
Hi,

I have a homemade server under ubuntu 11.04 and a domainname at OVH.
When I make a simple key:

#openssl genrsa -out vanpe.fr.pem

I get:
root@mail:/var/lib/dkim# amavisd-new testkeys
TESTING#1: dkim._domainkey.vanpe.fr          => fail (OpenSSL error: data too large for modulus)

when I make it smaller:
openssl genrsa -out vanpe.fr.pem 512

I get:
root@mail:/var/lib/dkim# amavisd-new testkeys
TESTING#1: dkim._domainkey.vanpe.fr          => fail (OpenSSL error: data too small for key size)


What can I do?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Domain key either too big or too small

Use '/usr/sbin/amavisd-new' instead of openssl to create DomainKey, it can handle all for you:

# /usr/sbin/amavisd-new genrsa /var/lib/dkim/vanpe.fr.pem
# chmod +r /var/lib/dkim/vanpe.fr.pem

3

Re: Domain key either too big or too small

hello,

I am trying to add a new domain as per http://www.iredmail.org/docs/sign.dkim. … omain.html

but for the newdomain.com testkeys gives fail (OpenSSL error: data too large for key size)

i am editing /etc/amavis/conf.d/50-user

and have done /etc/init.d/amavis restart

then did showkeys and edited TXT record in DNS ...

Please help

4

Re: Domain key either too big or too small

Please generate the key with key length '1024'.