Reading the Enabling DKIM section of the wiki, I thought I’d review the command with the man page. It suggests:
To enable DKIM, you first need to generate the key, with
openssl genrsa -out /srv/example.com/config/dkim.key - this is the private key which will be used to sign outgoing email.
Looking at the man page for
openssl it says that
genrsa has been superseded by
Generation of Private Key or Parameters.
Generation of RSA Private Key. Superseded by genpkey(1).
Does this mean that the wiki should be updated to use
Additionally, does the DKIM only need to be done for the default hostname of the server, with the same DKIM being used for all of the sites hosted, or does each site have a separate DKIM signature?
Any Error Messages
- Sympl Version [9.0/10.0]: 10.0
- Debian Version [Buster/Stretch]: Strecht
- Hardware Type? [Dedicated/Virtual/Pi]: Virtual
- Sympl Testing Version? [Yes/No]: Yes
If its the same for both Stretch and Buster, then yes, however off the top of my head it’s only Buster which is affected, and the end result is the same, so it should be fine.
Maybe add a note/alternative to the wiki?
Each sending domain needs to have it’s own DKIM configuration, along with the relevant DNS entries.
Just for clarity what was the verdict on the above related genrsa question. Do we need to use genpkey for Buster?
You can use either - as
genpkey serves the same function but provides more key type options than just RSA, but you’d also need to adjust the syntax.
You can just use
genrsa as it’ll work the same, but I’ve added to this to the list of things that should probably be wrapped in the
sympl command line.
Split this topic
A post was split to a new topic: DKIM not working