How to create public and private key with openssl?

openssl rsa digital-signature saml
Karim picture Karim · Jun 10, 2017 · Viewed 34.2k times · Source

My question is how to create a public key and private key with OpenSSL in windows and how to put the created public key in .crt file and the private one in .pcks8 file in order to use this two keys to sign a SAML assertion in Java?

Thanks in advance.

Answer

Mathias R. Jessen picture Mathias R. Jessen · Jun 10, 2017

You can generate a public-private keypair with the genrsa context (the last number is the keylength in bits):

openssl genrsa -out keypair.pem 2048

To extract the public part, use the rsa context:

openssl rsa -in keypair.pem -pubout -out publickey.crt

Finally, convert the original keypair to PKCS#8 format with the pkcs8 context:

openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in keypair.pem -out pkcs8.key

Related questions

How to compute RSA-SHA1(sha1WithRSAEncryption) value with OpenSSL

I'm confused about RSA-SHA1, I thought it's RSA_private_encrypt(SHA1(message)). But I can't get the correct signature value. Is there anything wrong?

Read More
openssl_sign(): supplied key param cannot be coerced into a private key

I have googled to search answer for these problem.but I'm not able to find proper solution for my question as many answer was specific to problem related. when I tried to create digital signature of content using XMLSecurityKey and …

Read More
Use RSA private key to generate public key?

I don't really understand this one: according to: http://www.madboa.com/geek/openssl/#key-rsa , You can generate a public key from a private key. openssl genrsa -out mykey.pem 1024 openssl rsa -in mykey.pem -pubout > mykey.pub My …

Read More