Command: create rsakeypair


ocm create rsakeypair [<private key file> [<public key file>]] {<subject-attribute>=<value>}


      --cacert string       certificate authority to sign public key
      --cakey string        private key for certificate authority
  -h, --help                help for rsakeypair
      --validity duration   certificate validity (default 87600h0m0s)


Create an RSA public key pair and save to files.

The default for the filename to store the private key is rsa.priv. If no public key file is specified, its name will be derived from the filename for the private key (suffix .pub for public key or .cert for certificate). If a certificate authority is given (–cacert) the public key will be signed. In this case a subject (at least common name/issuer) and a private key (–cakey) is required. If only a subject is given, the public key will be self-signed.

For signing the public key the following subject attributes are supported:

  • CN, common-name, issuer: Common Name/Issuer
  • O, organization, org: Organization
  • OU, organizational-unit, org-unit: Organizational Unit
  • STREET (multiple): Street Address
  • POSTALCODE, postal-code (multiple): Postal Code
  • L, locality (multiple): Locality
  • S, province, (multiple): Province
  • C, country, (multiple): Country


$ ocm create rsakeypair mandelsoft.priv mandelsoft.cert issuer=mandelsoft

See Also

  • ocm create — Create transport or component archive