Generate public key and private key with OpenSSL in Windows 10
This tutorial guides you on how to generate public key and private key with OpenSSL in Windows 10. OpenSSL is a cryptographic library for applications to do secure communications over computer networks. Let’s see how to generate public and private key pairs using OpenSSL.
Generate public key and private key with OpenSSL in Windows 10
First, you need to download and install OpenSSL runtimes. This tutorial will guide you on how to install OpenSSL in Windows 10 64-bit operating system.
Using OpenSSL you can generate several kinds of public/private key pairs. RSA is the most commonly used keypair.
You can also use other popular tools to generate public key and private key like ssh-keygen and PuTTygen. Now, let’s see how to use OpenSSL to generate RSA key pair.
Generate RSA public key and private key with 2048 bit private key
To generate RSA private key, 2048 bit long run the following command. Running this command will output RSA private key in to a file named “private.pem”.
> openssl genrsa -des3 -out private.pem 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ...................+++++ .....................................................................+++++ e is 65537 (0x010001) Enter pass phrase for private.pem: Verifying - Enter pass phrase for private.pem:
And to generate public key run the following command. This command will extract the public key from the key pair and output the public key in to a file named “public.pem”
> openssl rsa -in private.pem -outform PEM -pubout -out public.pem Enter pass phrase for private1.pem: writing RSA key
Generate RSA public key and private key without pass phrase
To generate RSA public key and private key without pass phrase you need to remove -des3 flag and run the openssl commands as shown below. Note, -des3 is the optional flag to encrypt the private key with the specified cipher before outputting the key to private.pem file.
> openssl genrsa -out private.pem 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ..........................+++++ ...........+++++ e is 65537 (0x010001) > openssl rsa -in private.pem -outform PEM -pubout -out public.pem writing RSA key
View RSA private key
You need to run the following command to see all parts of private.pem file. You would see content that got printed in the screen will include the modulus, public exponent, private exponent, primes, exponents etc., which were used to perform RSA operations to generate RSA key as shown below.
> openssl rsa -text -in private.pem
Enter pass phrase for private.pem:
RSA Private-Key: (2048 bit, 2 primes)
modulus:
00:e6:72:73:a3:7b:fa:c4:10:60:c7:c5:12:e8:23:
12:80:23:1e:2f:17:57:f3:5c:f5:29:ea:50:e1:a1:
01:df:40:0f:11:56:d3:3f:76:bd:d9:dc:78:0b:da:
----
----
publicExponent: 65537 (0x10001)
privateExponent:
00:ca:bb:4f:7e:38:98:d0:99:b3:fa:ab:26:49:f0:
68:db:2f:89:e3:55:be:fb:0b:01:67:81:8a:ec:24:
10:18:8e:2b:73:4e:96:03:93:fb:cb:48:c8:97:6d:
----
----
prime1:
00:f5:6c:bf:95:c9:1f:c2:ad:09:42:e6:6d:1e:fc:
e9:e3:7c:39:0d:45:b4:3f:17:9a:da:d9:93:32:d4:
42:91:23:59:9e:1f:01:d7:c6:7f:b4:cc:49:77:14:
----
----
prime2:
00:f0:60:7c:62:9d:53:6d:a9:7f:c2:61:9b:6f:2c:
d4:ea:20:2f:e6:4d:9c:29:f7:e2:d5:bd:79:43:bb:
----
----
exponent1:
6b:13:6c:2e:fc:95:d7:c8:c8:de:a0:4c:01:96:14:
b1:44:74:5b:bf:0a:99:f0:41:86:b4:20:8d:af:9f:
----
----
exponent2:
00:bf:68:75:63:a9:57:77:a9:52:fc:9b:f0:c3:94:
75:6e:81:76:e2:f2:c5:f9:7d:54:79:52:c9:2f:2f:
----
----
coefficient:
11:82:89:c7:f7:d8:f5:e4:67:cc:6b:60:ba:45:9c:
94:ad:c0:ae:14:dc:c8:88:ee:02:de:9a:f3:7a:e1:
----
----
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA5nJzo3v6xBBgx8US6CMSgCMeLxdX81z1KepQ4aEB30APEVbT
P3a92dx4C9rQgSY9EDj/UP5nlpAcSAHmDBIgNtXHLXvLDl/57VVMA8q7POYN843+
tyHAPP1LrdM2GtlS9605A0b7lqCC2WF/vpkcKDYpJu3sB8r2U61wZfqB2dTbr0lO
o992ZU8md0OEJ2ge9bYeykk+jE5CuN4gp/Ce+m4CatJgIaq1KNpmCtns83/UFqi2
EdV5xGE6G4pdmsigKwlP3lHHLcrRkHk6rXW/eLn8wHdJUUSI7O0RRiPC1S2MPT1p
lteXKZUSOpixjC0MPam2C/9eJqX2887iqQlJbwIDAQABAoIBAQDKu09+OJjQmbP6
qyZJ8GjbL4njVb77CwFngYrsJBAYjitzTpYDk/vLSMiXbUXXCIPZ3LrITzdkXp1y
v7DZV6zdcM6L9gcaO1cM8ugvwc9c8Oq/JGE8TMXpIdDNOC22CxCRcePhPTYiOk1C
3iJa1CnQOm2ToOXvqR9xV/i0zmAj+BJ2btM6sCEl6CnTeiRkpus5C8mDz/9Ikdit
Rd1FR7bfgrfDyfeL9/5V9LFkD7mNMa25Zp63lKhPOfqhKRfkjR91OP2o3tx74jNd
FAHNn8WTmXIdQWin8lKWKKRoDDfIJBMRyZmt1wDOUrInLVRi/TRHkqa4pzlCOJAH
RRPRSzURAoGBAPVsv5XJH8KtCULmbR786eN8OQ1FtD8XmtrZkzLUQpEjWZ4fAdfG
f7TMSXcUQYd3zlRQrdn5YVqMIuBtySGLhpwFkRsB4y8mW+kDsbSYurRQY9EcdE+u
2ypvwRcRAlhfJmimXXy1BWpvASVXZQ0xQzJd50ZrDi7JAimSq9GlVW7XAoGBAPBg
fGKdU22pf8Jhm28s1OogL+ZNnCn34tW9eUO7GnqOvLpD4G54UwvYHDriCoQN6aed
bjGL3uDW++mDnBC/OkEymOVTBMg/EOLOuB8Hp/ey7bmNCkVSEPHKZRJK5wuyVLjG
wmQ17cNmug5CueS+3UMLtX75AUSQ1zSVeAC0NZ8pAoGAaxNsLvyV18jI3qBMAZYU
sUR0W78KmfBBhrQgja+f71S998fNdQfMleP/NW3n/SOfKJgekZhFCk1TthkQBIus
Sgv/uAnFxb91oB8VfBaadqsQMZ65fD5sroIde2PXYxj4V/YlmZAc8cfGdzU/CFdy
2tmvWsDAalcWk27Dee8pa/cCgYEAv2h1Y6lXd6lS/Jvww5R1boF24vLF+X1UeVLJ
Ly/cI99pVQEbw5u4tWO/Bvxb10+k0T3BM17neS53pjiQm51KbAQ4T9PNqQ7fCVwG
rV7RV6J5PhmbJhv1NjQuS2StmljEseZDgLyYudIhMZ3cnNOHKQ431gW+BrU3SL4E
srrNQBECgYARgonH99j15GfMa2C6RZyUrcCuFNzIiO4C3przeuHCPkJVEEkcYQ4h
61eIoTGUUafUIZ8et5qOblwkOnQJnH03VV4E4DjSRcnqLvdEGSU4xjGt7jcMyGvi
8WTdS9eKamV5d03xLKYOwkyWCUl4PKltrWA4w0Ndv2DY0J7bDvCEPw==
-----END RSA PRIVATE KEY-----
That’s it. Hope it helped 🙂
Also See:
- How to install OpenSSL in Windows 10 64-bit Operating System ?
- Visual Studio Code Windows install location and Path issues from Terminal
- McAfee Agent cannot be removed while it is in managed mode
- Fix iPhone touch screen unresponsiveness
- How to add add 16GB RAM along with 8GB RAM – Acer Aspire 7 Laptop ?
- How do I convert a PEM file to XML RSA key ?
- Read .pem file to get public and private keys
- “PKIX path building failed” or “unable to find valid certification path to requested target”