Print this page

How to get the Private key from OPENSSL (for API call)

Knowledge Article Number 000180829
Description Need a pkcs 8 format of the private key associated with the self signed certificate in order to signature xml. The process in salesforce to get the Private key associated with Certificate.
 To get a private key for your API call. I have listed some steps that may help us solve this issue. 
1. The first step is to generate a self-signing public certificate and private key.Open terminal and run the following: 
// Generate Private Key. 
//Note: privkey is a custom name of the private Key. 
openssl genrsa > privkey.pem 
2. You need to use the private key file with the openssl pkcs8 command to process the private keys into PKCS#8 format. 
Open terminal again and run: 
openssl pkcs8 -topk8 -nocrypt -in privkey.pem -outform PEM 
3. Copy the Key and use as a pkcs8 format private key. 
Syntax (sample code) to use the key: 
String algorithmName = 'RSA'; 
String key = 'pkcs8 format private key'; 
Blob privateKey = EncodingUtil.base64Decode(key); 
Blob input = Blob.valueOf('1234Call'); 
Crypto.sign(algorithmName, input, privateKey);

promote demote