Binary I.T. Solutions, Inc.

DomainKeys Public/Private Key-pair Generation

DomainKeys Public/Private Key-pair Generation Last Updated: July 9, 2005

Command Line Tools Available
Perhaps the easiest way to generate DomainKeys public/private key-pairs is to use the CPAN command line tools available. The tool can create a key-pair, and format them for DNS publication.

Generating a private-key for the MTA

For ease of explanation, the openssl command is used throughout this document to describe the mechanism by which keys are managed.

One way to generate a 768 bit private-key suitable for DomainKeys, is to use openssl like this:

$ openssl genrsa -out rsa.private 768

Which results in the file rsa.private containing the key information
similar to this:

-----BEGIN RSA PRIVATE KEY-----
MIIByQIBAAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5o6lMIgulclWjZwP56LRqdg5
ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7EXzVc+nRLWT1kwTvFNGIo
AUsFUq+J6+OprwIDAQABAmBOX0UaLdWWusYzNol++nNZ0RLAtr1/LKMX3tk1MkLH
+Ug13EzB2RZjjDOWlUOY98yxW9/hX05Uc9V5MPo+q2Lzg8wBtyRLqlORd7pfxYCn
Kapi2RPMcR1CxEJdXOkLCFECMQDTO0fzuShRvL8q0m5sitIHlLA/L+0+r9KaSRM/
3WQrmUpV+fAC3C31XGjhHv2EuAkCMQDE5U2nP2ZWVlSbxOKBqX724amoL7rrkUew
ti9TEjfaBndGKF2yYF7/+g53ZowRkfcCME/xOJr58VN17pejSl1T8Icj88wGNHCs
FDWGAH4EKNwDSMnfLMG4WMBqd9rzYpkvGQIwLhAHDq2CX4hq2tZAt1zT2yYH7tTb
weiHAQxeHe0RK+x/UuZ2pRhuoSv63mwbMLEZAjAP2vy6Yn+f9SKw2mKuj1zLjEhG
6ppw+nKD50ncnPoP322UMxVNG4Eah0GYJ4DLP0U=
-----END RSA PRIVATE KEY-----

This private key will be inserted into your DomainKeys-enabled MTA. Your MTA or plugin should provide instructions on how to do so.

Generating the public-key for the DNS selector record

To extract the public-key component from the private-key, use openssl like this:

$ openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM

Which results in the file rsa.public containing the key information similar to this:

-----BEGIN PUBLIC KEY-----
MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5o6l
MIgulclWjZwP56LRqdg5ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7E
XzVc+nRLWT1kwTvFNGIoAUsFUq+J6+OprwIDAQAB
-----END PUBLIC KEY-----

This public-key data is placed in the selector's DNS record as the value of p. Thus, a selector's record may look like:

k=rsa; t=y; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5o6l MIgulclWjZwP56LRqdg5ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7E XzVc+nRLWT1kwTvFNGIoAUsFUq+J6+OprwIDAQAB;

Service Spotlight

  • Search Engine Optimization

SEO (Search Engine Optimization) Every time you turn around, there’s something new you have to know about on the internet. Think about it, there was a time when you knew every song on every album and what every make and model was driving down the street. Well, those days are OVER. But we are here to help you with the internet.

Las Vegas Web Design and Las Vegas Marketing Services can find ways of optimizing your site, finding valuable links, getting you added successfully to Local listing tools like Google, Yahoo, MSN and much more. We can tailor make a plan for as little as $99.00 per month guarenteed. This also includes the management of your Pay Per Click Advertisements.

Read More About SEO

Member Login