Security

RSA Key Generator

Generate RSA public and private key pairs entirely in your browser, with no upload and no server round trip. Pick the key size (2048, 3072, or 4096-bit), the hash, and the intended usage — RSA-OAEP for encryption, RSA-PSS or PKCS#1 v1.5 for signatures — then export to PEM (PKCS#8 / PKCS#1 / SPKI), JWK, or an OpenSSH public key. Read the modulus size, public exponent, and SHA-256 / OpenSSH fingerprints, and test encrypt/decrypt and sign/verify on the spot before you wire the key into TLS, SSH, JWT, OAuth, or your own application.

  • Generate 2048, 3072, and 4096-bit RSA key pairs with SHA-256, SHA-384, or SHA-512
  • Switch usage between RSA-OAEP encryption, RSA-PSS signing, and PKCS#1 v1.5 signing
  • Export private keys as PKCS#8, PKCS#1, or JWK and public keys as SPKI, PKCS#1, OpenSSH, or JWK
  • Inspect key strength, public exponent, and SHA-256 / OpenSSH fingerprints, then download the pair as a .zip
tools/RSA Key Generator
No key pair yet

Keys are generated locally with the Web Crypto API and never leave your browser or reach any server.

Options

Overview

A complete RSA workflow in one screen: choose parameters on the left, read the public and private key on the right, and verify everything before you ship it.

  1. 01

    Local Key Pair Generation

    Generate 2048, 3072, or 4096-bit RSA pairs in the browser with the Web Crypto API. The private key is created on your device and is never transmitted, logged, or uploaded — ideal for production secrets and internal debugging alike.

  2. 02

    Selectable Usage and Hash

    Bind each key to a single purpose: RSA-OAEP for encryption, RSA-PSS or RSASSA-PKCS1-v1_5 for signatures, paired with SHA-256, SHA-384, or SHA-512. Changing any parameter regenerates a fresh, correctly-scoped key pair.

  3. 03

    Multi-Format Export

    Export private keys as PKCS#8 (BEGIN PRIVATE KEY), PKCS#1 (BEGIN RSA PRIVATE KEY), or JWK, and public keys as SPKI, PKCS#1, an OpenSSH ssh-rsa line, or JWK — the exact shape OpenSSL, nginx, Java, Node.js, or a JWT library expects.

  4. 04

    Key Strength and Fingerprints

    See the modulus length, the fixed 65537 public exponent, the SHA-256 fingerprint of the SPKI public key, and the OpenSSH SHA256 fingerprint, so two parties can confirm they hold the same key.

  5. 05

    Encrypt and Sign Playground

    A collapsible playground lets you encrypt then decrypt, or sign then verify, with the generated pair. Confirm round-trips and signature validity before integrating the key anywhere.

  6. 06

    Copy, Download, and Bundle

    Copy any key to the clipboard, download it individually as .pem, .json, or .pub, or grab the whole pair as a single rsa-keypair.zip from the toolbar.

How to use

Decide the usage and parameters first, generate locally, then export in the precise format your target system imports.

  1. 01

    Choose the usage that matches the job: RSA-OAEP for encrypting data, RSA-PSS or PKCS#1 v1.5 for producing digital signatures.

  2. 02

    Select key size (2048 for general use, 3072 or 4096 for long-lived or high-value keys) and the hash (SHA-256, SHA-384, or SHA-512).

  3. 03

    Click Generate to create the pair in your browser, then review key strength, the public exponent, and the SHA-256 / OpenSSH fingerprints.

  4. 04

    Set the private and public output formats (PKCS#8, PKCS#1, SPKI, JWK, or OpenSSH) to match OpenSSL, nginx, SSH, or your JWT/OAuth library.

  5. 05

    Copy or download each key, or use Download .zip to save both at once; optionally rename the private file to .key for nginx-style conventions.

  6. 06

    Open the Test Playground to encrypt/decrypt or sign/verify a sample message and confirm the key pair behaves before you deploy it.

Details

Built for real key provisioning and debugging — not just a one-off random key dump.

  • In-browser RSA-OAEP, RSA-PSS, and RSASSA-PKCS1-v1_5 key pair generation
  • 2048 / 3072 / 4096-bit modulus with SHA-256 / SHA-384 / SHA-512 hash selection
  • Private key export as PKCS#8 PEM, PKCS#1 PEM, or JWK
  • Public key export as SPKI PEM, PKCS#1 PEM, OpenSSH (ssh-rsa), or JWK
  • SHA-256 SPKI fingerprint and OpenSSH SHA256 fingerprint for out-of-band verification
  • Built-in encrypt/decrypt and sign/verify playground with Base64 input and output
  • Fixed 65537 public exponent for maximum interoperability across libraries
  • One-click copy, per-key download (.pem / .json / .pub), and a combined .zip download
  • Fullscreen workspace for reading long PEM blocks and comparing keys side by side
  • Fully local Web Crypto computation, so private keys stay on your device with no upload

Use cases

Useful across server provisioning, application integration, identity, and protocol debugging.

  1. SSH and Server Access

    Generate an OpenSSH public key to drop into authorized_keys for passwordless server login, while the matching private key (PKCS#8 or PKCS#1 PEM) stays on your machine.

  2. JWT, OAuth, and OIDC Signing

    Create RSA-PSS (PS256) or PKCS#1 v1.5 (RS256) keys and export JWK for token issuers, identity providers, and verifiers that consume a JWKS endpoint.

  3. TLS / HTTPS Key Material

    Produce a PKCS#8 private key to pair with a CSR and certificate for nginx, Apache, or a load balancer (rename to .key as servers conventionally expect).

  4. Payload and Secret Encryption

    Use RSA-OAEP to encrypt a short secret or a random AES key that two services exchange, then move bulk data under symmetric encryption.

  5. Library and SDK Integration

    Drop a JWK or PEM into Node.js (crypto / jose), Python (cryptography), Java (KeyFactory), or Go to test importing and signing flows quickly.

  6. Test Fixtures and Demos

    Spin up disposable key pairs and signatures for unit tests, CI fixtures, documentation examples, and security training without touching production keys.

See also

To fingerprint a key file or verify an artifact without a key pair, use Hash Generator . When you sign or verify tokens with these RSA keys, continue with JWT Inspector . To inspect or transport DER bytes and PEM blocks safely, pair it with Base64 Encoder and Decoder . Once a certificate has been issued from these keys, read its subject, SANs, and validity with Certificate Decoder before you deploy it.

Best practices

RSA keys are long-lived secrets — the security of everything that trusts them depends on how you handle the private half.

  • Use at least 2048-bit keys; choose 3072 or 4096 for keys that must remain valid for many years
  • Match usage to purpose: OAEP for encryption, PSS or PKCS#1 for signatures, and never reuse one key for both roles
  • Keep the private key offline and out of logs, screenshots, chat, tickets, and version control
  • Confirm the exact format the target expects (PKCS#8 vs PKCS#1, SPKI vs OpenSSH, PEM vs DER) before importing
  • Verify the SHA-256 or OpenSSH fingerprint over a separate channel after transferring a public key
  • Encrypt private keys at rest with a passphrase (e.g. via OpenSSL) before storing or sharing them
  • Rotate keys on a defined schedule and revoke immediately any key that may have been exposed
  • Prefer hardware-backed or KMS-managed keys for high-value production systems where exportable keys are a risk

Limitations

Understand these boundaries so you do not build on an incorrect security assumption.

  • RSA-OAEP encrypts only small payloads (a few hundred bytes); encrypt a symmetric key and use AES for bulk data
  • This tool generates a raw key pair — it does not issue X.509 certificates, CSRs, or manage key storage and rotation
  • For nginx/TLS you can use the private key as ssl_certificate_key, but ssl_certificate still requires a CA-signed certificate
  • Generated private keys are unencrypted; add passphrase protection with external tooling such as OpenSSL if required
  • The public exponent is fixed to 65537 (0x010001), the standard interoperable value, and is not configurable
  • Generating 4096-bit keys can take noticeably longer and depends on your device and browser performance

FAQ

Answers to common questions about formats, usage, security, interoperability, and practical limits.

Are the keys generated on a server?

No. Every key pair is generated locally in your browser with the Web Crypto API. The private key is created on your device and is never uploaded, logged, or transmitted, so the tool is safe for real secrets.

What is the difference between PKCS#8 and PKCS#1?

They are two encodings of the same RSA private key. PKCS#8 (BEGIN PRIVATE KEY) is the modern, algorithm-agnostic wrapper used by most current libraries; PKCS#1 (BEGIN RSA PRIVATE KEY) is the older RSA-specific format that some legacy tools and OpenSSL workflows still expect. Both are PEM text — switch formats here without regenerating the key.

What do .key, .pem, and .crt mean for nginx or OpenSSL?

They are naming conventions, not different formats — the contents are usually PEM either way. .key conventionally holds the private key (nginx ssl_certificate_key), while .crt / .cer / .pem hold a certificate (ssl_certificate). This tool produces a raw public key, not a certificate, so for TLS you still need a CSR and a CA-signed certificate.

Which usage should I pick — OAEP, PSS, or PKCS#1?

Use RSA-OAEP to encrypt data, RSA-PSS for modern signatures (JWT PS256), and RSASSA-PKCS1-v1_5 for compatibility signatures (JWT RS256, many legacy systems). A key generated for encryption should not be reused for signing, or vice versa.

Is 2048-bit RSA still safe, or should I use 4096?

2048-bit RSA is still considered secure for most uses today, and 3072-bit offers a stronger long-term margin. 4096-bit adds headroom for very long-lived or high-value keys at the cost of slower operations and larger keys. Pick based on how long the key must stay trustworthy.

How do I get an SSH key from this tool?

Set the public format to OpenSSH to produce an ssh-rsa line for authorized_keys, and export the private key as PKCS#8 or PKCS#1 PEM. Save the private key with strict file permissions (chmod 600) on the client.

Can I import these keys into Node.js, Python, or Java?

Yes. Export JWK for Web Crypto and the jose library, PKCS#8 PEM for Node.js crypto and Python cryptography, and PKCS#8 or PKCS#1 PEM for Java KeyFactory. Choose the format your library documents and import directly.

Why can I only encrypt short messages with RSA-OAEP?

RSA encrypts at most a few hundred bytes per operation, bounded by the key size minus padding. In real systems you encrypt a random symmetric (AES) key with RSA-OAEP and encrypt the actual data with that AES key — a pattern called hybrid encryption.

What is the public exponent 65537?

It is the value e in the RSA public key (n, e), used during encryption and signature verification. 65537 (0x010001) is the near-universal default because it is large enough to be safe and small enough to be fast, which maximizes interoperability. This tool fixes e to 65537.

Related tools

Pair RSA keys with Hash Generator for fingerprints, JWT Inspector for token decode and verification, and HMAC Generator for shared-secret signatures.