How do I resolve the "CharacterStringTooLong (Value is too long) encountered with {Value}" error that I received when I tried to create a TXT record using DKIM syntax?

2 分的閱讀內容

I tried to create a DKIM text resource record provided by a third party in my Amazon Route 53 hosted zone. However, I got the following error: "CharacterStringTooLong (Value is too long) encountered with {Value}." How can I fix this?

Short description

DNS TXT records can contain up to 255 characters in a single string. TXT record strings over 255 characters must be split into multiple text strings within the same record.

Note: DKIM functionality doesn't break if the value is split.


1.    Open the resource record that you received from your third-party provider.

2.    To adhere to the 255 character maximum for a single Route 53 TXT record, split the DKIM key value into two parts. To do this, follow these steps:

  1. Copy the DKIM key value from the resource record.
  2. Paste the DKIM key value in a new line of a text editor.
  3. Split the DKIM key value into two parts, and enclose each part in double quotation marks. For example, the value for "long_string" is split into "long_""string".
    Note: Don't add a line break between the two parts.

3.    Open the Route 53 console.

4.    In the navigation pane, choose Hosted zones.

5.    Select your hosted zone.

6.    Choose Create Record Set.

7.    In the Create Record Set panel on the right, complete the following:

  • For Name, enter the domain key identifier.
  • For Type, choose TXT.
  • For Alias, keep the default selection of No.
  • For TTL, enter the number of seconds. The default value of 300 is typically sufficient.
  • For Value, copy the split DKIM key value that you created in step 2 from your text editor. Paste the split value in the Value field.
  • Choose Create.

8.    Use dig or nslookup to confirm that the TXT record is presented as a single entry.


$ dig txt 
;; ANSWER SECTION: 60 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1xhXc+vJKhQJUch86o8Ia2+L/AYo4d5eRVrPMMWzz4EiM4eB4QC1hJ83YMCHLv5dDN2lJ3KWSd5tGOxF/FRj1KdN+Jdf+BVwuklBFO8IrDtMz/lk2CJjF8jlgIUmQAjs3lc/8Bee+" "IQeB2tLX9UWvQMpI3aZuh6Ym6hcvLnbEkALWaMQvqwgxZs1qF6t5VKMjWeNNWIScyNTYL4Ud8wDiBcWh492HustfGUxrl5zmRfEl8BzCbrOqpKPLBmk/xrHRw9PHIJyYOaZA2PFqVcp6mzxjyUmn0DH9HXdhIznflBoIOLL1dm77PyDOKdEWRkSLMCA72mZbFr9gxda72ocQIDAQAB"


> nslookup -q=TXT
Non-authoritative answer:    text =
        "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1xhXc+vJKhQJUch86o8Ia2+L/AYo4d5eRVrPMMWzz4EiM4eB4QC1hJ83YMCHLv5dDN2lJ3KWSd5tGOxF/FRj1KdN+Jdf+BVwuklBFO8IrDtMz/lk2CJjF8jlgIUmQAjs3lc/8Bee+"

Related information

TXT record type