Questions & AnswersCategory: ServerGenerate OpenSSL RSA Key Pair from the Command Line
tech24sa Staff asked 1 year ago

Generate OpenSSL RSA Key Pair from the Command Line

Generate a 2048 bit RSA Key

You can generate a public and private RSA key pair like this:

openssl genrsa -des3 -out private.pem 2048

That generates a 2048-bit RSA key pair, encrypts them with a password you provide, and writes them to a file. You need to next extract the public key file. You will use this, for instance, on your webserver to encrypt content so that it can only be read with the private key.

Export the RSA Public Key to a File

This is a command that is

openssl rsa -in private.pem -outform PEM -pubout -out public.pem

The -pubout flag is really important. Be sure to include it.

Next, open the public.pem and ensure that it starts with —–BEGIN PUBLIC KEY—–. This is how you know that this file is the public key of the pair and not a private key.


Sign In


Reset Password

Please enter your username or email address, you will receive a link to create a new password via email.