Print this page

How to get the Private key from OPENSSL (for API call)

Knowledge Article Number 000180829
Description Need a pkcs 8 format of the private key associated with the self signed certificate in order to signature xml. The process in salesforce to get the Private key associated with Certificate.
Resolution
 To get a private key for your API call. I have listed some steps that may help us solve this issue. 
 
1. The first step is to generate a self-signing public certificate and private key.Open terminal and run the following: 
// Generate Private Key. 
//Note: privkey is a custom name of the private Key. 
 
openssl genrsa > privkey.pem 
 
2. You need to use the private key file with the openssl pkcs8 command to process the private keys into PKCS#8 format. 
 
Open terminal again and run: 
//Comanad: 
openssl pkcs8 -topk8 -nocrypt -in privkey.pem -outform PEM 
 
3. Copy the Key and use as a pkcs8 format private key. 
 
 
Syntax (sample code) to use the key: 
 
String algorithmName = 'RSA'; 
String key = 'pkcs8 format private key'; 
Blob privateKey = EncodingUtil.base64Decode(key); 
Blob input = Blob.valueOf('1234Call'); 
Crypto.sign(algorithmName, input, privateKey);




promote demote