Hi,
This is a heads-up for people who want to add a DKIM TXT record in FreeIPA.
Adding a (long) TXT record with the DKIM key fails with a syntax error from named-pkcs11.
The FreeIPA web UI did not show an error, but with journalctl I see there is one.
feb 27 21:51:58 rotte.ghs.nl named-pkcs11[9314]: failed to parse RR entry: resource record
DN 'idnsname=key._domainkey,idnsname=ghs.nl.,cn=dns,dc=ghs,dc=nl': data
'v=DKIM1; k=rsa; p=MIICIjANBgkqhkiG9w0B...Svu91xOnS5UfjsCAwEAAQ==': syntax error
feb 27 21:51:58 rotte.ghs.nl named-pkcs11[9314]: update_record (syncrepl) failed, resource
record DN 'idnsname=key._domainkey,idnsname=ghs.nl.,cn=dns,dc=ghs,dc=nl' change
type 0x2. Records can be outdated, run `rndc reload`: syntax error
There are two links that helped me solve the problem, [1] and [2].
Now I can see the DKIM record in DNS.
[1]
https://robots.org.uk/FreeIPA#DNS:_long_TXT_records
[2]
https://kb.isc.org/docs/aa-00356
--
Kees
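
Added example, not part of the original post: DNS TXT data is carried as character-strings of at most 255 bytes each (RFC 1035), so a long DKIM value has to be entered as several quoted strings that the verifier concatenates. The Python sketch below splits a value that way and checks that it reassembles unchanged; the key material is constructed filler (not a real key), the function names are illustrative, and it assumes the output is entered as TXT record data in zone-file syntax.

```python
import base64
import re

MAX_TXT_STRING = 255  # RFC 1035: one <character-string> holds at most 255 bytes

# Constructed sample: 550 filler bytes standing in for a public key (not a real key).
CONSTRUCTED_P = base64.b64encode(bytes(range(256)) * 2 + bytes(38)).decode()
RECORD = "v=DKIM1; k=rsa; p=" + CONSTRUCTED_P


def split_txt(value: str, size: int = MAX_TXT_STRING) -> list[str]:
    """Split TXT data into chunks that each fit one DNS character-string."""
    if not 1 <= size <= MAX_TXT_STRING:
        raise ValueError("chunk size must be 1..255")
    data = value.encode("ascii")  # DKIM records are plain ASCII
    return [data[i:i + size].decode("ascii") for i in range(0, len(data), size)]


def to_zone_rdata(value: str) -> str:
    """Return the value as space-separated quoted strings (zone-file syntax)."""
    escaped = [c.replace("\\", "\\\\").replace('"', '\\"') for c in split_txt(value)]
    return " ".join(f'"{c}"' for c in escaped)


def join_rdata(rdata: str) -> str:
    """Reassemble as a DKIM verifier does: concatenate the strings, no separator."""
    parts = re.findall(r'"((?:[^"\\]|\\.)*)"', rdata)
    return "".join(re.sub(r"\\(.)", r"\1", p) for p in parts)


def check_dkim(value: str) -> int:
    """Sanity check: p= must be strict base64; returns the decoded key length."""
    tags = dict(t.strip().split("=", 1) for t in value.split(";") if t.strip())
    return len(base64.b64decode(tags["p"], validate=True))


if __name__ == "__main__":
    rdata = to_zone_rdata(RECORD)
    # Verify the round trip before the value goes anywhere near the DNS server.
    assert join_rdata(rdata) == RECORD
    print(f"{len(split_txt(RECORD))} strings, key bytes: {check_dkim(RECORD)}")
    print(rdata)
```

After the record is published, a lookup such as `dig +short TXT key._domainkey.ghs.nl` should show the same quoted strings.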