How to create public and private key with OpenSSL?

My questions are:

How to create
- a public key
- and a private key with OpenSSL on Windows?
How to put the created public key
- in a .crt file and
- the private one in a .pkcs8 file?

I want to use these two keys to sign a SAML assertion in Java.

Solution

You can generate a public-private keypair with the genrsa context (the last number is the keylength in bits):

openssl genrsa -out keypair.pem 2048

To extract the public part, use the rsa context:

openssl rsa -in keypair.pem -pubout -out publickey.crt

Finally, convert the original keypair to PKCS#8 format with the pkcs8 context:

openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in keypair.pem -out pkcs8.key

Why rust is failing to build command for openssl-sys v0.9.60 even after local installation?
Building Python with SSL support in non-standard location
How to fix fatal error C1083 and LNK1104 on windows while building openssl 3 using conan?
ITMS-91065: Missing Signature in Privacy Impacting SDK
Openssl can't compile when compiling for ARM, otherwise works fine
Make OpenSSL accept expired certificates
Generate sha256 with OpenSSL and C++
libssl.so.1.1: cannot open shared object file: No such file or directory
Node.js ERR_OSSL_EVP_UNSUPPORTED error when running npm run start
What causes keytool error "Failed to decrypt safe contents entry"?
Why Am I Getting Different Cipher Outputs Between Node.js and PHP When Reading Large Files by Chunks?
Ruby 2.7.4 & 3.0.0 fails on macOS Big Sur (11.2.3): undeclared identifier RSA_SSLV23_PADDING
How can I connect a C# SSLStream client to an OpenSSL server?
Gracefully Shutdown TLS connection in C OpenSSL
PHP openssl_pkcs12_read "error:0308010C:digital envelope routines::unsupported"
Why does smaller blocksize lead to slower throughput for AES encryption?
openssl_pkey_get_details($res) returns no public exponent
dyld: Library not loaded: /usr/local/opt/openssl/lib/libssl.1.0.0.dylib
Creating PKCS#12 keystore with multiple certificates using OpenSSL 1.0.0a
How to establish TLS session in python using PKCS11
how to create CSR in PHP?
Convert pem key to ssh-rsa format
Error installing Ruby with rvm: "__rvm_make -j8"
troubles with RVM and OpenSSL
How to get cipher text as result of encryption using aes cbc 128 bit with open ssl in c language
OpenSSL: try to decode DER data
openssl/ssl.h not found but installed with homebrew
I have a certificate and a private key on the client and on the server but gRPC secure connetion fails
How to solve OpenSSL error during install of ruby 3.1.3 for Mac
Renewing Minikube SSL certificates for 10 years