DKIM field only 512 chars; need the instructions for using tokens to fill the field

I’ve attempted to fill the TXT field in my DNS for the DKIM key. I’m getting a message that the field can only be 512 characters. These days you need a 2048 key. (1024 uses to be good enough) Anyway, there is a procedure to use tokens to fill in DNS fields in order to get around the problem. I was given this once by tech support and neglected to save it. I found a link for web page for the procedure, but apparently Sammy the Whale ate the page.

So I need the procedure to file a TXT field in DNS using a token. My recollection is you used curl from your server to do this, or maybe your PC.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hello there,

First, make sure that you can use a 2048 key without the need of splitting it in half in order to take effect. Usually, your DNS provider can help you if you reach out to their support.

Once created you can use a DKIM checker tool like the one provided from mxtoolbox and check whether the generated key is valid.

Hope that this helps! Regards, Alex

Note this only works for 2048 bits and obviously smaller. Are you trying to do 4096 bits? Otherwise everything looks OK.

At the moment, 2048 is considered adequate. That said, Digital Ocean needs to come up with a better scheme to enter the DKIM field. You can’t cut and paste using any browser I have. This API is the only thing that works, and even then you can’t do 4096 bits.


I have tried to run the following:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer MY_API_KEY" -d '{"type":"TXT","name":"default._domainkey","data":"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFxxxxAQ8AMIIBCgKCAQEA878VxxxxtiPjkstRU+yUjwo1yMfn/wkEUt/sHOpYdhDGxrLULnGDyHdx/xxxfF7qikvCbcwkc3Ok5xxxx+9MIFmNDSQr3W6wzdrp9u8vqxxxDVmNRcdPiZkGTO4V6uuUDPICfkUcjWBOs+gyKAe6kn/ZsLVSVDLA+xxxSZoLLHEe7bBs2zn1S1i+texxxQs+tsISt442RxxxgAQ8glVKM0ETlw4z5SO9qYChmavLx2FZvPdG/T2KwzVQzQ6kd9XdaAjsOYrdmPLGciyG6+Uh6B0or0z5snTWq+FQTzetJUKs3faG51IL6RbbGvoiU0oI5KfGu/+SDMgOV6Pnlv17QIDAQAB\;","priority":null,"port":null,"ttl":1800,"weight":null,"flags":null,"tag":null}' ""

This returned the error:

{"id":"bad_request","message":"Your request body was malformed."}

I have replaced some characters in the DKIM record with x’s (and my api key with MY_API_KEY)

If someone could assist me, I would really appreciate that!

I have deleted the original record, in case that was causing an error somehow.