Generate RSA key pairs with encryption

I’ve spent some time investigating how to create RSA key pairs for a feature.

Put a note here just in case I need it again.

Generate RSA private key with 2048 bits

$ openssl genrsa -out private.pem 2048

Generate RSA private key with AES-256 encryption

$ openssl genrsa -aes256 -out private.pem 2048

Note that we need to offer a at least 4-bytes passphrase in order to use AES-256 encryption.

Extract public key from the key pair

$ openssl rsa -in private.pem -pubout -out public.pem

Generate x509 certificate with generated private key

$ openssl req -new -x509 -key private.pem -out cert.pem

Now we have the private key, public key and a x509 certificate.

comments powered by Disqus