SahamatiNet
  • Background
  • SahamatiNet POC
    • Introduction
    • Applications
    • Observability
    • Integration Steps
      • Sandbox Onboarding
      • IAM APIs
      • CR APIs
      • Integration with Router
        • Sample Code Snippets
          • Python
          • Java
          • JavaScript
          • GoLang
          • C#
        • Router APIs Specifications
          • FIU API Specification
          • AA API Specification
          • FIP API Specification
      • ReBIT Workflows using Router
        • Account Discovery & Linking
        • Consent Workflow
        • FI Request Workflow
    • Integration with Simulators
      • AA Simulator
      • FIP Simulator
      • FIU Simulator
    • Validation of Integration
  • Glossary
  • Guidelines
  • Frequently Asked Questions
  • How To Guides
    • How To Onboard to Sandbox ?
    • How To Decide on an Entity ID ?
    • How To Generate a Certificate ?
    • How To Generate Tokens ?
Powered by GitBook
LogoLogo

Copyright © 2025 - Sahamati Foundation

On this page

Was this helpful?

Export as PDF
  1. How To Guides

How To Generate a Certificate ?

PreviousHow To Decide on an Entity ID ?NextHow To Generate Tokens ?

Was this helpful?

How to create a certificate using

To generate a certificate, follow these steps:

  • Go to

  • Select the required fields:

    • Key Use (use): Choose sig (for signature).

    • Algorithm (alg): Select RS256 (RSA Signature with SHA-256).

    • Key ID (kid): This is a unique identifier for the key. You can enter any random string or a specific identifier that you would like to use.

    • Key Type (kty): RSA is recommended, so ensure RSA is selected.

    • Modulus (n): This will be automatically generated when you create the key.

    • Exponent (e): This will also be generated automatically.

  • Generate the Key Pair:

    • Click the “Generate” button to create your public and private key pair. Make sure to save both the public and private keys securely as the private key will be required later for signing requests.

  • Validate the certificate: Ensure the generated certificate contains the following properties:

    • kty: Key Type (e.g., RSA)

    • e: Exponent (e.g., AQAB)

    • use: Key Use (e.g., sig)

    • kid: Key ID (your unique key identifier)

    • alg: Algorithm (e.g., RS256)

    • n: Modulus (the base64 encoded string representing the modulus of the RSA key)

Example json output:

{
  "kty": "RSA",
  "e": "AQAB",
  "use": "sig",
  "kid": "<your-key-id>",
  "alg": "RS256",
  "n": "<your-modulus>"
}

Screenshot for your reference

https://mkjwk.org/
https://mkjwk.org/