Setting the length of DKIM keys


This article applies to:

  • Trustwave SEG 8.0 and above

Question:

  • How do I set the length of DKIM keys generated by SEG? 

Procedure:

By default, SEG generates 2048 bit RSA keys for DKIM.

In SEG 8.2 and above, you can select the size each time you create a key (1024, 2048, or 4096 bits).

In SEG 8.0 and 8.1, you can change the size generated by setting a Registry value.

To set the value:

  1. On the SEG Array Manager server, run Regedit.
  2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Manager
  3. Create a new DWORD value (REG_DWORD)
    • Name: DKIMKeySize
    • Value: the key size in kilobits (for example, to create 1024 bit keys enter 1)
  4. Restart the Array Manager service

Notes:

  • The default length was based on a survey of key lengths in use by major domains and providers.

Last Modified 4/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle21053.aspx