Re: dkim permerror: verification error: syntax error in key data from John Smith on 2011-02-05 (OpenDKIM Users mailing list)

From: John Smith <jxs1299_at_gmail.com>
Date: Sat, 5 Feb 2011 11:33:28 -0500

Yes, I tried twice and got the same results. I have openssl1.0 and
opndkim2.2.2 both in 32-bit mode. If I generated key with opendkim-genkey
with 32-bit openssl, opendkim complained key not secure and failed to load
the key. So I had to generate key with 64-bit openssl. Does openssl 32-bit
or 64-bit matter? Thanks

On Sat, Feb 5, 2011 at 11:24 AM, Steve Jenkins <stevejenkins_at_gmail.com>wrote:

> On Sat, Feb 5, 2011 at 8:09 AM, John Smith <jxs1299_at_gmail.com> wrote:
> > Here is URL, thanks
> >
> >
> http://www.brandonchecketts.com/emailtest.php?email=dq5b3yElkT%40www.brandonchecketts.com
>
> Hmm.... ok here's your sig (this is more for the benefit of others on
> this thread who may be trying to troubleshoot after Brandon's site
> deletes the test results):
>
> X-DKIM: OpenDKIM Filter v2.2.2 xplist.com p15CC1fQ017566
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xplist.com;
> s=default; t=1296907922;
> bh=G7FrUpF2gjcHAafg4PeWw8nn7nlgc1wI7H08E2Ov0as=;
> h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type;
> b=NGpXSww0z3h8WuNx19cwUCbqt5u3hQHDfRd3s1zkr3Z9BtOjSFveEB2XGSwLJ9Kj7
> 9aLlhDVdGGfbNuCUkCskDDcLk9FUpXl8HFYDdIqf5Y7JdqOqngTV+w8wBcy2K0IJ+D
> 36ZvQ8JRVN1kgA0iQSf8OiLoKQGcdj724ol8yC1s=
>
> And here's your DNS TXT record for that domain/selector:
>
> "v=DKIM1; r=postmaster; g=*; k=rsa;
>
> p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCWxR0iNvEJtRtVyTIqx3mpaayatCFfQjlB+hCoOF8kKEdcj4ij0n70CgBhM3YZO+Oj63qvzWlkq5Dn0aJZFkoW7v2R5v4ojYjLkTwFD6YQMsCqWnL7qItC/FxPidbnD5FzXMBG4vJAFxhS9YrIDaXE5RvKMi40XCaU/nAyl0E5FQIDAQAB"
>
> Structurally, I can't see anything obvious, which makes me wonder if
> something in the key itself is hosed? Normally I'd worry about
> notepad, but if there's no break in the txt value, then you should be
> fine.
>
> I had an issue like this once that I actually resolved by deleting the
> old keys, running the genkey script again, and re-pasting the DNS TXT
> record. Have you tried that?
>
> Anybody else see anything obvious that I'm missing? I'm sure Murray
> will jump in here in a minute with some more scientific command-line
> test procedures. :)
>
> SteveJ
>
Received on Sat Feb 05 2011 - 16:33:44 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:20:16 PST