On This Page
Generate Certificate and Key Pair
Generate Certificate and Key Pair
Run the following command with no line breaks, but change these values:
- ReplaceRequestKeywith the API key that you created in Create REST API Keys.
- ReplaceYourOrgwith your account's organization ID.
openssl req -x509 -newkey rsa:2048 -keyout request_private.pem -out request_certificate.pem -days 365 -nodes -subj "/CN=RequestKey/O=YourOrg/C=US" && cat request_certificate.pem | grep -v "BEGIN CERTIFICATE" | grep -v "END CERTIFICATE" | tr -d '\n' && echo
Result
- A 2048-bit RSA key pair is generated.
- A self-signed X.509 certificate valid for 365 days is created. Use the text of the certificate in thekeyInformation.pubfield during registration, in one line, and without the BEGIN and END lines. See Required Fields for Registering Your Message-Level Encryption Keys and Example: Registering Your Certificate.
- The private key inrequest_private.pemis stored.
- The certificate inrequest_certificate.pemis stored.
- Separate keys for each organization ID or account that uses message-level encryption are created.