Guide
TrainingSupportCommunity

Generate ECDSA keys

Suggest Edits

This procedure explains how to generate a pair of ECDSA keys with the P-256 (secp256k1) curve that you can use to sign and verify your JWTs.

  1. Create a private key.

    openssl ecparam -name secp256k1 -genkey -noout -out ec-secp256k1-priv-key.pem

    Sample contents of the ec-secp256k1-priv-key.pem private key in PEM format:

    -----BEGIN EC PRIVATE KEY-----
MHQCAQEEIEYgBlyQVsH7SpHUH7x4RErcckhu7ary/JjhP72Nk19EoAcGBSuBBAAK
oUQDQgAE1MtHIxlGP5TARqBccrddNm1FnYH1Fp+onETz5KbXPSeG5FGwKMUXGfAm
SZJq2gENULFewwymt+9bTXkjBZhh8A==
-----END EC PRIVATE KEY-----

  2. Create a public key by extracting it from the private key.

    openssl ec -in ec-secp256k1-priv-key.pem -pubout > ec-secp256k1-pub-key.pem

    Sample contents of the ec-secp256k1-pub-key.pem public key in PEM format:

    -----BEGIN PUBLIC KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAE1MtHIxlGP5TARqBccrddNm1FnYH1Fp+o
nETz5KbXPSeG5FGwKMUXGfAmSZJq2gENULFewwymt+9bTXkjBZhh8A==
-----END PUBLIC KEY-----

Updated about 3 years ago