Generate ECDSA keys
This procedure explains how to generate a pair of ECDSA keys with the P-256 (secp256k1) curve that you can use to sign and verify your JWTs.
-
Create a private key.
openssl ecparam -name secp256k1 -genkey -noout -out ec-secp256k1-priv-key.pemSample contents of the
ec-secp256k1-priv-key.pemprivate key in PEM format:-----BEGIN EC PRIVATE KEY----- MHQCAQEEIEYgBlyQVsH7SpHUH7x4RErcckhu7ary/JjhP72Nk19EoAcGBSuBBAAK
oUQDQgAE1MtHIxlGP5TARqBccrddNm1FnYH1Fp+onETz5KbXPSeG5FGwKMUXGfAm
SZJq2gENULFewwymt+9bTXkjBZhh8A==
-----END EC PRIVATE KEY-----
2. Create a public key by extracting it from the private key.
openssl ec -in ec-secp256k1-priv-key.pem -pubout > ec-secp256k1-pub-key.pem
Sample contents of the `ec-secp256k1-pub-key.pem` public key in PEM format:
-----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE1MtHIxlGP5TARqBccrddNm1FnYH1Fp+o
nETz5KbXPSeG5FGwKMUXGfAmSZJq2gENULFewwymt+9bTXkjBZhh8A==
-----END PUBLIC KEY-----
Updated about 4 years ago