'sha256', 'private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA, ] ); //Save private key openssl_pkey_export_to_file($pk, $privatekeyfile); //Save public key $pubKey = openssl_pkey_get_details($pk); $publickey = $pubKey['key']; file_put_contents($publickeyfile, $publickey); $privatekey = file_get_contents($privatekeyfile); } echo "Private key (keep this private!):\n\n" . $privatekey; echo "\n\nPublic key:\n\n" . $publickey; //Prepare public key for DNS, e.g. //phpmailer._domainkey.example.com IN TXT "v=DKIM1; h=sha256; t=s; p=" "MIIBIjANBg...oXlwIDAQAB"... $dnskey = "$selector._domainkey.$domain IN TXT"; $dnsvalue = '"v=DKIM1; h=sha256; t=s; p=" '; //Some DNS servers don't like ;(semi colon) chars unless backslash-escaped $dnsvalue2 = '"v=DKIM1\; h=sha256\; t=s\; p=" '; //Strip and split the key into smaller parts and format for DNS //Many DNS systems don't like long TXT entries //but are OK if it's split into 255-char chunks //Remove PEM wrapper $publickey = preg_replace('/^-+.*?-+$/m', '', $publickey); //Strip line breaks $publickey = str_replace(["\r", "\n"], '', $publickey); //Split into chunks $keyparts = str_split($publickey, 253); //Becomes 255 when quotes are included //Quote each chunk foreach ($keyparts as $keypart) { $dnsvalue .= '"' . trim($keypart) . '" '; $dnsvalue2 .= '"' . trim($keypart) . '" '; } echo "\n\nDNS key:\n\n" . trim($dnskey); echo "\n\nDNS value:\n\n" . trim($dnsvalue); echo "\n\nDNS value (with escaping):\n\n" . trim($dnsvalue2);