How can I generate the private and public certificates for JWT with RS256 algorithm?
You can generate them by installing and using the Cygwin package: http://www.cygwin.com.
Using the following commands:
1- Generating a Private Key:
openssl genrsa -aes256 -out private_key.pem 2048
2- Generating a Public Key:
openssl rsa -pubout -in private_key.pem -out public_key.pem
You can use the specified library (System.IdentityModel.Tokens.Jwt
) to generate your assertion JWT. An example is available here: https://vosseburchttechblog.azurewebsites.net/index.php/2015/09/19/generating-and-consuming-json-web-tokens-with-net/.
Jenan
Updated on June 26, 2022Comments
-
Jenan almost 2 years
I want to use the JWT with the RS256 algorithm using implementation in the .NET.
I've used the library
System.IdentityModel.Tokens.Jwt
. This library supports the RS256 algorithm.How can I generate the private and public certificates on Windows?
-
Jenan over 7 yearsI can see that in demos where it is used the certificate for signing and verification is format - .pfx or .p12. Is possible create these formats too?
-
mtheriault over 7 yearsYes, I think that it's possible, see the following reference: ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl or
-
Jenan over 7 yearsThank you @mtheriault, I would like to ask about using these certificates. If I create these certificates I get two files? If I want to create JWT token I have to use the private key in format pfx? And for verification use the public key i format pfx too? Thanks for explaination.
-
mtheriault over 7 yearsDo you use an external service and you want to perform a JWT authentication? Normally, the service (REST API for example) knows the
Public Key
. On your side, you need to build a JWT assertion and sign it using thePrivate Key
. Give me more details on what you want to accomplish. -
Jenan over 7 yearsI want to create the api - where will be endpoint - "login" -> you put username and password and the app get back the JWT - probable signed with private key? And I want to be able provide the probable public key to another app. And the another app will be able to verify this token through the public token. This is it what I want to do. ;)
-
mtheriault over 7 yearsMmm OK, I never implemented this. I have used third-party REST APIs using JWT authentication. I only have to generate a public key for example, provide it to the application configuration and finally create a JWT assertion signed with the private key when it's time to invoke a specific call.
-
Jenan over 7 yearsIs this solution correct what I've written? Which third-party REST APIs did you use?
-
mtheriault over 7 yearsRecently, I have used the Box API with the JWT authentication. The REST API used the JWT token to authenticate the user and getting an access token. This following reference is very interesting: jwt.io/introduction. In Box, you configure your application and you build the JWT assertion to send. You don't have a step to login the user to get the JWT.