Guides
Talk to Us

Key Generation

Suggest Edits

Verimatrix requires that tokens being received are signed using a private key. The message is verified against the public part of this key. Where possible, signers should generate and use their own keys within a trusted environment. Verimatrix will NEVER ask for the private part of the key.

OpenSSL Key Generation

Verimatrix recommends that you use ES256 elliptic curve digital signature algorithms (ECDSA) to generate the key pair to sign your tokens.

To Generate a Key Pair of ECDSA

Use the OpenSSL utility to generate a key pair using the Prime-256 curve and the SHA-256 hash algorithm.
Enter the following commands:

      # openssl ecparam -genkey -name prime256v1 -noout -out ec256-key-pair.pem

      # openssl ec -in key.pem -pubout -out public.pem -outform PEM

Updated over 1 year ago