Skip to main content
All CollectionsLearn about DKIM
Generating 1024 bits DKIM public and private keys using OpenSSL on a Mac
Generating 1024 bits DKIM public and private keys using OpenSSL on a Mac

See how to generate 1024 bits DKIM public and private keys using the Mac terminal and create a DNS record.

Ivan Kovachev avatar
Written by Ivan Kovachev
Updated over 6 years ago

Generating the private and public keys

1. Open the terminal and type openssl

2. To generate a private key type:

openssl genrsa -out private.key 1024

 3. To generate a public key from the private key type:

openssl rsa -in private.key -pubout -out public.key

4. Find the folder that contains your public key and open it. It should look something like the below.

5. Manually convert the highlighted text above to a single line ie. remove the spaces between new lines. 

Creating the DNS record

To create the DNS record you will have to specify the Name, Type and Value of the DNS record.

The DNS record Name will look like this:

selector._domainkey.domain

or like this if your DNS provider automatically appends your domain name:

selector._domainkey

Where the "selector" is defined by you and can be called anything, for example the date, device or service that will sign the emails.

For example:

20180719._domainkey.redsift.io

The DNS record Type is TXT.

The DNS record Value should look like the below. The part in bold is copied from the generated public key file:

“v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDg9/gR+3J0mmugLjhpYOfQK9ytkEKnXM0kVdpu0UoykSPK7ChD+nRxFJbN2cxtvu8GrCNQwPTKbC0jimaSi0V2j3JndnRrECuYCqeZYcRmw2lYs18QnmJRfCpweKoaGtv9zERCkeHwLcTaLkrSHrRDf58WgERg8x/4ipBPIyZufwIDAQAB

Did this answer your question?