Creating a private and public key pair

The IBM RPA system vault uses a private and public key pair for encrypting and decrypting registered credentials. See how to create these keys in the procedure.

Before you begin

If you plan to use the user vault, skip to Configuring the User Vault instead. The User Vault does not require a key pair to work.
Ensure that the Tenant does not contain a public key registered to it. See Tenant configuration credentials for more information.
To generate keys, install OpenSSL .

Note:OpenSSL does not distribute binaries officially 🡥. Thus, you must compile the source code on your own or check out alternative binary files 🡥.

Procedure

Once installed, run the OpenSSL command prompt. Type openssl to start the application.
To generate a new RSA private key, type:
```
genrsa -out {path_to_pem_file} 2048
```
{path_to_pem_file} is the absolute path where the PEM file will be generated. Example: C:\Users\user\keyfile.pem.
To generate a public key, type:
```
rsa -pubout -in {path_private_pem} -out (path_public_pem)
```
{path_private_pem} is the path to the private key PEM file. Example: C:\Users\user\privatekeyfile.pem.

(path_public_pem) is the path where the public key will be generated. Example: C:\Users\user\keyfile.pem.

Important:The folders referenced by their paths must exist. The OpenSSL application does not create folders.

What to do next

After you generate a private and public key pair, you can register the public key to the Tenant on the Tenant configuration credentials page. See detailed information on Configuring the System Vault.

However, if you want to use this key pair as a certificate file and install it in the Certificate Store, you may do so by Generating self-signed certificates and then Generating a PKCS#12 file.

Creating a private and public key pair

Before you begin

Procedure

What to do next

Related links