Generate RSA keys
This procedure explains how to generate a pair of RSA keys that you can use to sign and verify JWTs.
-
Create a private RSA keys that are between 1024 and 4096 bits long. You have a
jwtRSA256-private.pemprivate key in PEM format.openssl genrsa -out jwtRSA256-private.pem 2048
Don't add a passphrase.
2. Extract a public key from the private key.
openssl rsa -in jwtRSA256-private.pem -pubout -outform PEM -out jwtRSA256-public.pem
Sample contents of the jwtRSA256-public.pem public key in PEM format:
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2vOMbfP11bZDIrTRVH4f
k6VOfvSx3XnDSfqgwcvX1f0fxyOp7xHhA6ZOv9cN726RuNB/g1nE3G5ugOS3f28N
rAPeADetuk6ZzeEWy/WHBQCW8k2O9uMWxmMSZiMLwwWXMUCBXe0L2qKAoVJIS9Nh
0ihEdIf6XDZvQPbnNrX3wW9gcPHQwuBjD6r0jO59tPQEwVfScE1qqwLJzqDq/xR3
JIxPnZf1H4JiOHDYxIePmrsL+lq/F1CK1U1Ei8tDGpBJ9Dvg+ra7MfWksROTJct0
n0Te3gjG98EaSsld9vCFe5sebb3zJ6tWaZyYaP8UQlgk4MfNC5bmIdodx15oHOzO
lJPeP7U25+x2T2QiFKWPQSNYdCwDCMV6kUuRKgHbEitTnURtHA4Kl0LbdQgLkXe/
nF3tanLC9Y2dFOD18hHlpu87hY45hY6TnOENEqOlTvXiKsmEbB2ICXpAGIU4cw8u
AAd5r9EzmjMrnzsM2z3dwFJqOhas2TUbMR/JGJOYQhWiXW574gPcGX7ejCYj9DG2
spIYwcSPv9pQnUObfjmJDyKr/y1g++D5mMyJ5myNlg+ixSSGWIsVb7mZFSjg5Wnq
11XVNfTY6lt6jfq7ZIc6vDQFw3ZwBQKYbdn+UmyxelkiScYaZPU8wXi0ZCgNVZR/
9zWuZV+w4v3j7EfuemACqukCAwEAAQ==
-----END PUBLIC KEY-----
Updated about 3 years ago