appkiro.com

RSA Key Pair Generator

Generate real RSA key pairs (2048, 3072, 4096-bit) with PEM PKCS#8 + SPKI, OpenSSH public key, JWK, and SHA-256 fingerprint. Fully local via Web Crypto API for JWT signing, mTLS, SSH access, and JWKS endpoints.

Practical guide

An RSA key pair is two related keys — a private key that signs or decrypts, and a public key that verifies or encrypts — generated together so that math performed with one is reversible only with the other. This tool generates real 2048, 3072, and 4096-bit RSA pairs in the browser using the Web Crypto API, then exports the same key in five interchangeable formats: PKCS#8 private PEM, X.509 SubjectPublicKeyInfo public PEM, OpenSSH single-line public, RFC 7517 JSON Web Key, and a SHA-256 fingerprint. If you only need a JWT shared secret or random API token instead of an asymmetric pair, use the symmetric key generator — it is faster and uses HMAC, not RSA.

Where this fits

Sign JWTs with RS256, RS384, or RS512

RSA signing is the standard for OIDC providers, B2B APIs, and any system where a client verifies the token without holding the signer's secret. Pick Signing purpose with SHA-256, SHA-384, or SHA-512 to match the JWT algorithm you intend to register, then load the private PEM into your signing service and publish the JWK at /.well-known/jwks.json so consumers can decode and verify session tokens against the public key.

Issue SSH access on a new server or CI runner

The OpenSSH tab outputs a ready-to-paste ssh-rsa line for ~/.ssh/authorized_keys. Generate a 4096-bit key for long-lived bastion access, copy the .pub line into the server, and store the PKCS#8 private PEM in your secret manager. Convert the PKCS#8 private to OpenSSH's native format with `ssh-keygen -p -m PEM -f key.pem` when an SSH client needs the OpenSSH wrapper.

Bootstrap mTLS client and service identities

Mutual TLS deployments need a key per workload before the certificate authority can issue a leaf cert. Generate a 2048 or 3072-bit pair, hand the public SPKI to your internal CA for signing, and keep the private PKCS#8 PEM inside the workload's runtime secret store.

Wrap symmetric keys for envelope encryption

Pick Encryption (RSA-OAEP) when the public key is used to wrap an AES content-encryption key or to seal short payloads between services. The recipient decrypts with the private key, then uses the unwrapped AES key to read the body. Pair this with a fresh random AES secret for each session.

How to use RSA Key Pair Generator

  1. Pick key size for your threat model. 2048-bit is the production minimum and the standard choice for JWT and short-lived service certs. 3072-bit covers NIST SP 800-57 guidance through 2030. Pick 4096-bit when policy requires it or for long-lived root keys — generation can take 5–15 seconds.
  2. Match the hash to your protocol. SHA-256 is the safe default and corresponds to RS256 in JWT. Choose SHA-384 or SHA-512 only when the consuming standard requires RS384 or RS512.
  3. Choose signing or encryption purpose. Signing emits a key with RSASSA-PKCS1-v1_5 metadata for JWT and document signing. Encryption emits an RSA-OAEP key for wrapping payloads. The DER bytes can be reused across purposes with openssl, but the Web Crypto metadata reflects the choice you make here.
  4. Set the OpenSSH comment. The comment appears at the end of the ssh-rsa line and helps you identify the key inside authorized_keys files. Use service@hostname or owner-purpose so future operators recognise the key without grepping fingerprints.
  5. Copy or download each format. Private PEM goes to the secret manager, public PEM and JWK go to the verifier or JWKS endpoint, OpenSSH .pub goes to authorized_keys, and the SHA-256 fingerprint goes into your runbook so you can confirm the key out-of-band when rotating.

Practical notes

Treat the private key like a credential

The PKCS#8 PEM is equivalent to a password for everything the key signs or decrypts. Store it only in a secret manager (Vault, AWS Secrets Manager, GCP Secret Manager, 1Password Secrets Automation) and never commit it to git, paste it into chat, or include it in a screenshot.

Publish public keys with a fingerprint

When you hand a public key to a partner over email or chat, the channel can be tampered with. Send the SHA-256 fingerprint through a second channel and have the partner verify with `openssl pkey -pubin -in key.pem -outform DER | sha256sum` before they trust it.

Rotate before keys hit their useful life

Plan rotation so verifiers can accept both the outgoing and incoming public keys for one overlap window. A JWKS endpoint with multiple keys and matching `kid` values makes this straightforward. Coordinate with the JWT debugger to confirm consumers pick the new key when its `kid` arrives.

Generate locally, not on a shared notebook

Key material is most exposed at the moment of generation. This page runs the SubtleCrypto.generateKey call entirely in your browser tab — no network call carries the private key. Open the tab on a trusted device, copy the private PEM straight into the secret manager, and close the tab when done.

Rotating an RSA signing key without downtime relies on generating the new key, publishing both old and new public keys for an overlap, and cutting consumers over once the new `kid` is verifiable.

  1. Generate the new RSA pair here
  2. UUID Generator
  3. JWT Debugger
  4. JWT Debugger
  5. Key Generator

Questions worth checking

What is an RSA key pair?

An RSA key pair is two mathematically linked keys: a private key kept secret and a public key shared openly. Data signed with the private key is verifiable with the public key, and data encrypted with the public key is decryptable only with the private key. RSA is the most widely deployed asymmetric algorithm for JWT signing, mTLS, S/MIME, code signing, and SSH access.

What is the difference between RSA 2048, 3072, and 4096-bit?

The number is the bit length of the modulus. 2048-bit is the production minimum and the fastest choice. 3072-bit raises the security margin to roughly 128-bit symmetric equivalence and is recommended by NIST SP 800-57 for systems that must remain safe past 2030. 4096-bit is the strongest option this tool offers and is appropriate for long-lived root keys, at the cost of slower generation and signature operations.

PKCS#8 vs SPKI — which file goes where?

PKCS#8 (BEGIN PRIVATE KEY) is the modern PEM format for private keys; load it into signing services, SDKs, and openssl. SPKI / X.509 SubjectPublicKeyInfo (BEGIN PUBLIC KEY) is the standard PEM format for public keys; load it into verifiers, partners, and certificate signing requests. Both PEMs in this tool wrap a single RSA key — they are the same key in different envelopes.

Is this tool secure for production keys?

Generation runs entirely in the browser through SubtleCrypto.generateKey, which uses the operating system's cryptographically secure random number generator. No private key bytes are sent to a server. The risk surface is the device where you run the page — keep the tab on a trusted machine and move the PEM directly into a secret manager.

Can I import the OpenSSH .pub into authorized_keys directly?

Yes. The OpenSSH tab emits the exact `ssh-rsa AAAA…` wire format defined in RFC 4253 and used by OpenSSH. Append the line to `~/.ssh/authorized_keys` on the server, set the file to mode 600, and the key is ready for login. To use the matching private key with an SSH client, convert the PKCS#8 PEM with `ssh-keygen -p -m PEM -f key.pem`.

How do I publish the public key as a JWKS endpoint?

Wrap the Public JWK output inside `{ "keys": [ … ] }`, add a stable `kid` field to identify the key, and serve it from `/.well-known/jwks.json` over HTTPS. Verifiers like Auth0, AWS Cognito, and jose libraries can then fetch the document and verify any JWT signed by the matching private key.

Why is 4096-bit generation slow?

RSA generation searches for two large prime numbers. The expected cost grows roughly quadratically with the bit length, so 4096-bit can take 5 to 15 seconds in a browser depending on CPU. The Regenerate button keeps a spinner active until the operation finishes — the tab is not stuck.

Can I use the same key for signing and encryption?

Technically yes — the underlying RSA primitive can sign or encrypt — but it is poor hygiene. Reusing a key across purposes complicates rotation, audit, and revocation. Generate one pair for signing (RSASSA-PKCS1-v1_5) and a separate pair for encryption (RSA-OAEP), and keep their lifecycles independent.