DKIM Core Key valid when checked but not when added to DNS

Mike_ACC

Member
Nov 20, 2015
14
1
3
UK
cPanel Access Level
Root Administrator
I have seen several threads in these forums about "fiddlyness" when trying to enter valid DKIM keys from cPanel in external DNS. One thread advised to strip out a " and space and a trailing \

So I did that with mine and pasted into Check a DKIM Core Key Record at dkimcore.org and got "This is a valid DKIM key record" and thought hooray, cracked it. I pasted the selfsame key exactly into my DNS and then checked in Check a published DKIM Core Key on the same site and get "this is not a good DKIM key record. You should fix the errors shown in red."
"This TXT record consists of multiple strings. This is valid and can't be avoided in this case."
(and under where it gives the public key)
"The p=field must be base64 encoded"

I have repeated this a number of times. Another checker (protodave.com/tools/dkim-key-checker/) gives "Unable to properly parse the public key string and determine key length or the key is invalid. Tip: Make sure there aren't any special charaters or newlines pasted into your key in the TXT record."

I don't understand why the same string when pasted into DKIM Check is passed valid but pasting the same thing into DNS and then checking in DKIM published is not good.

Any suggestions? Thanks
 

Mike_ACC

Member
Nov 20, 2015
14
1
3
UK
cPanel Access Level
Root Administrator
Hello, yes, I had read most of those and attempted to fix without any success.
However, happy to report that, thanks to cPanel support Technical Analysts, we found the issue was due to DNS not saving special characters (particularly the plus sign + ) correctly. When this was rectified - and we used the single set of quotes version suggested by your guy - all worked fine. I just post this so anyone stumbling on it can see what our answer was. Boy is it fiddly going through key character by character to see what's missing before / after saving but worth it in the end. :)
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,226
463
I am happy to see the issue is now resolved. Thank you for updating us with the outcome.