PowerShell DnsServer module and DKIM 2048-bit keys


I haven't checked 2019 yet, but 2016's Add-DnsServerResourceRecord cmdlet can't handle a key that goes beyond the 255-character limit. The MMC for DNS appears to support this just fine.

I've tried various workarounds, but as soon as you cross that 255 limit, the cmdlet fails. This is a real pain in the neck if you've got 162 domains to manage and want to inject DKIM public keys into all of them with a script.

 

Even Microsoft is now recommending the use of 2048-bit keys in its M365 documentation. I've had to stick with 1024-bit for now and manually set critical domains to 2048-bit. I hope Microsoft fixes this issue back to Windows Server 2016 urgently.

Has anyone figured out any workarounds to this issue?

T.I.A.

2 Replies

Might try asking for help over here on QnA

windows-server-powershell - Microsoft Q&A

or report this as feedback over here on UserVoice

PowerShell: Hot (1955 ideas) – Windows Server (uservoice.com)

Thanks Dave. I was looking for that. Discovered someone already asked for this on UserVoice back in 2018. Sadly only had 3 votes.
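
The 255 limit raised in the question comes from DNS itself: a TXT record holds one or more character-strings of at most 255 bytes each (RFC 1035), and DKIM verifiers concatenate those strings with nothing in between (RFC 6376). The sketch below is an added example, not code from the thread or from Microsoft; it splits a DKIM value into such strings and prints the record in zone-file form. The function names, the selector name and the all-`A` placeholder key are assumptions made up for illustration.

```powershell
# Added example: split a DKIM TXT value into DNS character-strings (max 255 bytes each).
function Split-DkimTxtValue {
    param(
        [Parameter(Mandatory)][string]$Value,
        [ValidateRange(1, 255)][int]$MaxLength = 255
    )
    # DKIM tag=value data is printable ASCII, so character count equals byte count.
    if ($Value -match '[^\x20-\x7E]') { throw 'Value contains non-printable or non-ASCII characters.' }
    # Quotes and backslashes would need escaping in a zone file; a DKIM key never contains them.
    if ($Value -match '["\\]') { throw 'Value contains a double quote or backslash.' }

    $chunks = @()
    for ($i = 0; $i -lt $Value.Length; $i += $MaxLength) {
        $len = [Math]::Min($MaxLength, $Value.Length - $i)
        $chunks += $Value.Substring($i, $len)
    }
    return ,$chunks   # leading comma keeps a one-element result as an array
}

function ConvertTo-ZoneFileTxt {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string[]]$Chunks,
        [int]$Ttl = 3600
    )
    # Each character-string is quoted separately; parentheses group them into one record.
    $quoted = $Chunks | ForEach-Object { '"{0}"' -f $_ }
    return '{0} {1} IN TXT ( {2} )' -f $Name, $Ttl, ($quoted -join ' ')
}

# Constructed sample: 392 characters is the base64 length of a 2048-bit RSA public key
# in SubjectPublicKeyInfo form. The run of 'A' is a placeholder, not a real key.
$name   = 'selector1._domainkey'   # hypothetical selector
$value  = 'v=DKIM1; k=rsa; p=' + ('A' * 392)
$chunks = Split-DkimTxtValue -Value $value

# A verifier joins the strings with no separator, so the round trip must be exact.
if (($chunks -join '') -cne $value) { throw 'Reassembled value differs from the input.' }

$lengths = ($chunks | ForEach-Object { $_.Length }) -join ', '
'{0} characters split into {1} strings (lengths: {2})' -f $value.Length, $chunks.Count, $lengths
ConvertTo-ZoneFileTxt -Name $name -Chunks $chunks
```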