What this tool is good for
This tool generates a fresh RSA key pair entirely in the browser. The output includes an X.509 PEM public key and a PEM private key that can optionally be password-protected before export.
It is useful for testing, local development, certificate experiments, and interoperability work where you need a quick RSA key pair without sending key material to a server.
How to use it
- Choose a key size such as 2048 or 4096 bits for normal use.
- Optionally enter a password if you want the generated private key to be encrypted.
- Generate the key pair, then copy the PEM blocks or download them as a ZIP archive.
Practical notes
- 2048-bit RSA is a common baseline for general compatibility.
- 512-bit and 1024-bit options are kept mainly for legacy compatibility, constrained test cases, or interoperability checks rather than new security-sensitive deployments.
- Larger keys improve security margins but take longer to generate.
- If you set a private-key password, keep it safe or the private key cannot be used later.
FAQ
What RSA key size should I generate?
For most modern uses, 2048 bits is a common baseline and 3072 or 4096 bits provides a larger security margin. Match the key size to the requirements of the system that will use it.
Can I use the same RSA key pair for encryption and signing?
Some systems allow it, but separating keys by purpose is usually cleaner and safer. Use one key pair for encryption workflows and another for digital signatures when your architecture permits it.
Which RSA key format should I download?
Use PEM for broad compatibility with OpenSSL, web services, and many libraries. Use XML only when a legacy .NET or C# integration specifically expects XML RSA key material.
Related tools
- RSA Encryption & Decryption:Encrypt and decrypt short text with RSA in your browser
- RSA Sign & Verify:Create and verify RSA signatures online
- RSA Private Key Password:Add, change, or remove RSA private key passwords