1

Topic: DKIM invalid (public key: OpenSSL error: bad base64 decode)

==========================================================================
IRedMail 0.9.9
Debian 9
MariaDB
Nginx

Hello
Pliase help
invalid (public key: OpenSSL error: bad base64 decode)
#amavisd-new genrsa /var/lib/dkim/domain.com.pem 1024

#amavisd-new testkeys domain.com

TESTING#1 domain.com: dkim._domainkey.domain.com => invalid (public key: OpenSSL error: bad base64 decode)

# amavisd-new showkeys domain.com

; key#1 1024 bits, i=dkim, d=domain.com, /var/lib/dkim/domain.com.pem
dkim._domainkey.domain.com.    3600 TXT (
  "v=DKIM1; p="
  "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCon/gLwU8SWsxTm6cKBXy5xu5X"
  "/YYiJ+/Tpx2nKPXafrwflQBR46UxllVlwN3Kl1p4DjTOglgX5wsQM18s1Ev4xmOo"
  "Xls2qBUdurSph0XFq/DoYs2ffuqNtU4+pPHW3hNqFjKu54vr5x0klAVZFcEzyW4F"
  "BGTe84AModO5gLpr3QIDAQAB")

# amavisd-new testkeys domain.com

TESTING#1 domain.com: dkim._domainkey.domain.com => invalid (public key: OpenSSL error: bad base64 decode)

# amavisd-new testkeys

TESTING#1 domain.com: dkim._domainkey.domain.com => invalid (public key: OpenSSL error: bad base64 decode)

# dig @8.8.8.8 dkim._domainkey.domain.com TXT

; <<>> DiG 9.10.3-P4-Debian <<>> @8.8.8.8 dkim._domainkey.domain.com TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16470
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;dkim._domainkey.domain.com.   IN      TXT

;; ANSWER SECTION:
dkim._domainkey.domain.com. 3599 IN    TXT     "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCon/gLwU8SWsxTm6cKBXy5xu5X+/YYiJ+/Tpx2nKPXafrwflQBR46UxllVlwN3Kl1p4DjTOglgX5wsQM18s1Ev4xmOo+Xls2qBUdurSph0XFq/DoYs2ffuqNtU4+pPHW3hNqFjKu54vr5x0klAVZFcEzyW4F+BGTe84AModO5gLpr3QIDAQAB"

;; Query time: 69 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 21 12:49:22 CET 2019
;; MSG SIZE  rcvd: 299

How to fix?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: DKIM invalid (public key: OpenSSL error: bad base64 decode)

Try to create a new one to replace existing one:

amavisd-new genrsa /var/lib/dkim/<domain>.pem 1024

3

Re: DKIM invalid (public key: OpenSSL error: bad base64 decode)

I have already created a new one several times. Just changed the record DKIM (DNS TXT). Nothing helped.

4

Re: DKIM invalid (public key: OpenSSL error: bad base64 decode)

Is there any openssl relevant packages available for update on your system? Tried "apt update && apt upgrade"?

5

Re: DKIM invalid (public key: OpenSSL error: bad base64 decode)

ZhangHuangbin wrote:

Is there any openssl relevant packages available for update on your system? Tried "apt update && apt upgrade"?

# apt update && apt upgrade
Calculating upgrade... Done
The following packages will be upgraded:
  sogo sogo-activesync
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

# apt list openssl -a
Listing... Done
openssl/stable,now 1.1.0j-1~deb9u1 amd64 [installed,automatic]
openssl/stable 1.1.0f-3+deb9u2 amd64
The problem still exists. What else can you do?

6

Re: DKIM invalid (public key: OpenSSL error: bad base64 decode)

I reinstalled openssl.
created newkey
amavisd-new genrsa /var/lib/dkim/domain.com.pem 1024
....
amavisd-new testkeys domain.com
TESTING # 1 domain.com: dkim._domainkey.domain.com => pass
Thank you Zhang