From 662006acc3ead8458218d1d8870b5587726ecf8f Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Mon, 30 Sep 2024 18:23:01 +0100 Subject: [PATCH] Docs: point out that a DKIM private key file needs to be readable --- doc/doc-docbook/spec.xfpt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 18f92404a..f3bf5ea8e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -41904,8 +41904,9 @@ To generate keys under OpenSSL: openssl genrsa -out dkim_rsa.private 2048 openssl rsa -in dkim_rsa.private -out /dev/stdout -pubout -outform PEM .endd -The result file from the first command should be retained, and -this option set to use it. +The result file from the first command should be retained, +permissions set so that Exim can read it, +and this option set to use it. Take the base-64 lines from the output of the second command, concatenated, for the DNS TXT record. See section 3.6 of RFC6376 for the record specification. -- 2.30.2