Google DNS 返回錯誤添加 DKIM 記錄

我嘗試了幾種方法（GUI、命令行、帶引號、不帶引號），但我無法將 DKIM 記錄添加到Google DNS。我們正在將所有記錄移植到Google DNS，然後打開Google DNS（如果我們可以先讓它工作）。這是添加記錄並執行事務和輸出的最後 2 個命令：

Deans-MacBook-Pro:authservice dean$ gcloud dns --project=orderly-gcp record-sets transaction add \"v=DKIM1\;\ k=rsa\;\ p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiC1U9FnYKnw3tJ/kvISikBBAUZWrDYNYV4q0lN\+z7PjVIh5tk86b4jBvFzcR6ug3hD02JNgphEdGbYmFtjjfxN1gXVp61aRM/yJUw2oMNRXsmmUzE4Hl3yUQihJkE\+lvDWZDx\+S4MIb4KlRvdkEmRG4fowQxb4AAXf\+FaKbf8h9VZ3O2KqV18P0OoDjlJMyOOePSnf8Hgsym246M1aIhpBQM34X2/gY4dpBeFXG\+dEWq7TICQEKXKypYIhsJDxCj03jL/ro8AoWyhQ5Lz6H3/g1RIsuzAJtVlmlSoZOn/lyHFKyh/\+kkt/jyrE6DNN7JXTxXZBdE5yKsdG3zkYBqwIDAQAB\" --name=google._domainkey.orderlyhealth.com. --ttl=300 --type=TXT --zone=orderlyhealth
Record addition appended to transaction at [transaction.yaml].
Deans-MacBook-Pro:authservice dean$ gcloud dns --project=orderly-gcp record-sets transaction execute --zone=orderlyhealth
ERROR: (gcloud.dns.record-sets.transaction.execute) HTTPError 400: Invalid value for 'entity.change.additions[1].rrdata[0]': '"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiC1U9FnYKnw3tJ/kvISikBBAUZWrDYNYV4q0lN+z7PjVIh5tk86b4jBvFzcR6ug3hD02JNgphEdGbYmFtjjfxN1gXVp61aRM/yJUw2oMNRXsmmUzE4Hl3yUQihJkE+lvDWZDx+S4MIb4KlRvdkEmRG4fowQxb4AAXf+FaKbf8h9VZ3O2KqV18P0OoDjlJMyOOePSnf8Hgsym246M1aIhpBQM34X2/gY4dpBeFXG+dEWq7TICQEKXKypYIhsJDxCj03jL/ro8AoWyhQ5Lz6H3/g1RIsuzAJtVlmlSoZOn/lyHFKyh/+kkt/jyrE6DNN7JXTxXZBdE5yKsdG3zkYBqwIDAQAB"'

我嘗試將線上re2.xxx.xxx生成的 DKIM 記錄添加到我的測試項目中 的測試域：

1582300947.xxx._domainkey.re2.xxx.xxx

v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB

使用者界面：

• DNS name:

1582300947.xxx._domainkey.re2.xxx.xxx

• TXT data:

“v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB”

之後我用命令檢查了 TXT 記錄：

$ dig TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com        

; <<>> DiG 9.11.5-P4-5.1+build2-Debian <<>> TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36175
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;1582300947.xxx._domainkey.re2.xxx.xxx. IN TXT

;; ANSWER SECTION:
1582300947.xxx._domainkey.re2.xxx.xxx.  300 IN TXT "v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB"

;; Query time: 28 msec
;; SERVER: 2001:4860:4802:32::6a#53(2001:4860:4802:32::6a)
;; WHEN: Fri Feb 21 17:17:09 CET 2020
;; MSG SIZE  rcvd: 310

它有效。

命令行：

$ gcloud dns --project=test-prj record-sets transaction start --zone=re2
$ gcloud dns --project=test-prj record-sets transaction add \"v=DKIM1\;t=s\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809\+iUFrb1Eg3Hlt1KiVsE6/ug\+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw\+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel\+BR\+hbVw/gI/c8VOKqOxH2QIDAQAB\" --name=1582300947.xxx._domainkey.re2.xxx.xxx. --ttl=300 --type=TXT --zone=re2
$ gcloud dns --project=test-prj record-sets transaction execute --zone=re2
Executed transaction [transaction.yaml] for managed-zone [re2].
Created [https://dns.googleapis.com/dns/v1/projects/test-prj/managedZones/re2/changes/3].
ID  START_TIME                STATUS
3   2020-02-21T16:28:12.667Z  pending

它也可以按預期工作：

$ dig TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com

; <<>> DiG 9.11.5-P4-5.1+build2-Debian <<>> TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11807
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;1582300947.xxx._domainkey.re2.xxx.xxx. IN TXT

;; ANSWER SECTION:
1582300947.xxx._domainkey.re2.xxx.xxx.  300 IN TXT "v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB"

;; Query time: 28 msec
;; SERVER: 2001:4860:4802:32::6a#53(2001:4860:4802:32::6a)
;; WHEN: Fri Feb 21 17:40:19 CET 2020
dig TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com

更新查看有關選擇資源記錄類型的文件詳細資訊：

文本數據，可以包含任意文本，也可以用於定義機器可讀數據，例如安全或濫用預防資訊。一條**TXT 記錄可能包含一個或多個文本字元串；每個字元串的最大長度為 255 個字元。**郵件代理和其他軟體代理連接多個字元串。用引號將每個字元串括起來。例如：

《你好世界》《再見世界》

如果您的 DKIM 記錄包含超過 255 個字元，則應將其拆分。例如，將 DKIM 密鑰拆分為如下兩部分：

"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraC3pqvqTkAfXhUn7Kn3JUNMwDkZ65ftwXH58anno/bElnTDAd/idk8kWpslrQIMsvVKAe+mvmBEnpXzJL+0LgTNVTQctUujyilWvcONRd/z37I34y6WUIbFn4ytkzkdoVmeTt32f5LxegfYP4P/w7QGN1mOcnE2Qd5SKIZv3Ia1p9d6uCaVGI8brE/7zM5c/"
"zMthVPE2WZKA28+QomQDH7ludLGhXGxpc7kZZCoB5lQiP0o07Ful33fcED73BS9Bt1SNhnrs5v7oq1pIab0LEtHsFHAZmGJDjybPA7OWWaV3L814r/JfU2NK1eNu9xYJwA8YW7WosL45CSkyp4QeQIDAQAB"

除了上面的文件，請查看這篇文章。

引用自：https://serverfault.com/questions/1004097