How to add Google DKIM TXT record
It seems that Google DKIM public key values are larger than most, and generates an error when trying to call the cPanel API:
/DNS/mass_edit_zone?zone=$host&serial=$serial&add=$json
The code works with shorter DKIM keys specified in the $json part, but returns the error message below from the API when a longer key is used (domain and public key modified for security in the error message included here):
google._domainkey.example.com. 14400 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHHB46xpA1nu6IJeVuXVWTtx7Ad4zLxxxxxxxxxxxxxxxxxxx/AgLDWSp1j3mR5H6KZz3a830Lxxxxxxxxxxxxxxxxxxxxxxx2+mcoLTP5GjCowHndwp34CfGpJ80Qo8xJEaji4k1xxxxxxxxxxxxxxxx/jrcpw+WY9gjMNulwgPCmcgGbyxxxxxxxxxxxxxxxxvwprdwxoDCGlJcEcfZVo8RGje/EXVUW3DwQBQx4Gxxxxxxxxxxxxx/QqfVWLQKKNRo/i8oGm2gB/ghnEZTy/hieDg2KPosYHcBi2j7qbXN3t5xxxxxxxxxxxxxxxxxx" does not form a valid DNS resource record. (Syntax error, could not parse the RR's rdata).
I have read a stackoverflow thread that indicates the string for the key should be split using quotes (but still one line), but I have been unsuccessful doing this in my Perl script when calling the API where the JSON includes a "data" parameter that includes either double quotes or single quotes around two (split) parts of the original key. I also tried escaping the quotes with a forward slash /, but it still didn't work. I continue to get an error parsing the data.
Does anyone know how to format the JSON for adding a long public key DKIM (TXT) record via the API's mass_edit_zone function?
Thanks!
-
Hey there! I don't have an easy way to add a Google DKIM on my end since I'm not an account manager for any Google properties, but can you tell me the character length of the key? Once I know that I *should* be able to do some testing on my end.
0 -
Thanks. In this case, the key is 393 characters.
Looking at the specs for the API call, it occurs to me that maybe I should be splitting the JSON "data" parameter (the public key string) into two elements of the data array with a comma between the quoted portions?
That is, something like this:
"data" : ["part-1-string", "part-2-string"]
I'll give it a whirl, but I'm not sure if that's what the array is designed for (i.e. splitting large strings that make up one long value).
0 -
Thanks for that. I confirmed the error on my end with a 400 character record:
LONG BLOCK OF TEXT does not form a valid DNS resource record. (Syntax error, could not parse the RR's rdata)"
but it works when I get it under 256.
I then tried adjusting the data portion how you mentioned and it did take that record, but they key is broken up with the quotes:
google._domainkey.domain.com 14400 IN TXT "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHHB46xpA1nu6IJeVuXVWTtx7Ad4zLxxxxxxxxxxxxxxxxxxx/AgLDWSp1j3mR5H6KZz3a830LxxxDDDxxxxxxxxxxxxxxxxxxxx2 mcoLTP5GjCowHndwp34CfGpJ80Qo8xJEaji4k1xxxxxxxxxxxxxxxx" "/jrcpw WY9gjMNulwgPCmcgGbyxxxxxxxxxxxxxxxxvwprdwxoDCGlJcEcfZVo8RGje/EXVUW3DwQBQx4Gxxxxxxxxxxxxx/QqfVWLQKKNRo/i8oGm2gB/ghnEZTy/hieDg2KPosYHcBi2j7qbXN3t5xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
I feel like this has been an issue that has come up before, so let me reach out to some people and I'll let you know what I find out!
0 -
Thanks!
0 -
I found that this has been an issue for some time and we have an older case opened at CPANEL-37236. However, it seems this is coming up more frequently now that keys are getting longer.
I spoke to the development team and they are going to take a look at this during their next meeting. If I hear an update then I'll be sure to share it!
0
Please sign in to leave a comment.
Comments
5 comments