andrewmcn
Apr 11, 2021

PowerShell DnsServer module and DKIM 2048-bit keys

I haven't checked 2019 yet, but 2016's Add-DnsServerResourceRecord cmdlet can't handle a key that goes beyond the 255-character limit. The MMC for DNS appears to support this just fine.

I've tried various workarounds, but as soon as you cross that 255 limit, the cmdlet fails. This is a real pain in the neck if you've got 162 domains to manage and want to inject DKIM public keys into all of them with a script.

Even Microsoft is now recommending the use of 2048-bit keys in its M365 documentation. I've had to stick with 1024-bit for now and manually set critical domains to 2048-bit. I hope Microsoft fixes this issue back to Windows Server 2016 urgently.

Has anyone figured out any workarounds to this issue?

T.I.A.
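
Background on the 255-character limit described above, as an added example that is not part of the original post: a DNS TXT record carries one or more character-strings of at most 255 octets each (RFC 1035), and DKIM verifiers concatenate those strings with nothing between them (RFC 6376), so a 2048-bit key record is published as several strings. `Split-DkimTxtValue` is a hypothetical helper, the key bytes are a constructed placeholder, and whether a particular cmdlet or tool accepts the resulting strings is not established by this page.

```powershell
# Added example; Split-DkimTxtValue is a hypothetical helper, not a DnsServer cmdlet.
function Split-DkimTxtValue {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Value,
        [ValidateRange(1, 255)] [int] $MaxLength = 255
    )
    # Remove line breaks picked up when the record was copied from a console or portal.
    $clean = ($Value -replace '[\r\n]+', '').Trim()
    # One character must equal one octet, and quoting must stay trivial.
    if ($clean -match '[^\x20-\x7E]' -or $clean -match '["\\]') {
        throw 'Record contains non-ASCII characters, quotes or backslashes.'
    }
    $m = [regex]::Match($clean, '(?:^|;)\s*p=([A-Za-z0-9+/=\s]*)')
    if (-not $m.Success) { throw 'No p= tag found in the DKIM record value.' }
    # Reject a truncated or corrupted key before it is published.
    try { $keyBytes = [Convert]::FromBase64String(($m.Groups[1].Value -replace '\s', '')) }
    catch { throw 'The p= value is not valid base64.' }

    $chunks = [System.Collections.Generic.List[string]]::new()
    for ($i = 0; $i -lt $clean.Length; $i += $MaxLength) {
        $chunks.Add($clean.Substring($i, [Math]::Min($MaxLength, $clean.Length - $i)))
    }
    # A verifier joins the strings with nothing between them; confirm that round-trips.
    if (($chunks -join '') -cne $clean) { throw 'Chunks do not reassemble to the input.' }

    [pscustomobject]@{
        Chunks        = $chunks.ToArray()
        KeyByteCount  = $keyBytes.Length
        ZoneFileRdata = ($chunks | ForEach-Object { '"{0}"' -f $_ }) -join ' '
    }
}

# Constructed placeholder: 294 zero bytes, the DER size of a 2048-bit RSA public key.
$record = 'v=DKIM1; k=rsa; p=' + [Convert]::ToBase64String([byte[]]::new(294))
$result = Split-DkimTxtValue -Value $record
$result.Chunks | ForEach-Object { $_.Length }   # length of each character-string
$result.ZoneFileRdata                           # quoted strings in zone-file form
```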
