RSA / EC Key Pair Generator

Create an RSA or elliptic-curve (ECDSA) key pair in your browser and export both keys as PEM or JWK. The keys are generated with the Web Crypto API and never leave the page, so the private key stays on your machine. Handy for signing, JWTs, SSH-style auth, and local testing.

Security

Generate an RSA or elliptic-curve key pair right in your browser. The keys are made with the Web Crypto API and never leave the page, so the private key stays private. Use them for signing, SSH-style auth, JWTs, or testing.

TypeKey sizeFormat

Keep the private key secret. Anyone who has it can sign and decrypt as you. Share only the public key.

What it generates

Pick RSA (2048, 3072, or 4096 bits) or an elliptic curve (P-256, P-384, P-521), then hit Generate. You get a matching public and private key. PEM output gives you the familiar -----BEGIN PUBLIC KEY----- blocks (SPKI for the public key, PKCS#8 for the private one). JWK output gives you the JSON Web Key form used by a lot of token libraries. Copy whichever you need.

RSA or elliptic curve?

RSA is the most widely supported and a safe default - 2048 bits is fine for most uses, 3072 or 4096 for longer-lived keys. Elliptic curve keys are much smaller and faster to generate for the same security level, which is why they show up in modern JWT and TLS setups. P-256 is the common pick. If you're not sure what a system expects, RSA 2048 almost always works.

Keep the private key safe

Everything happens locally in your browser through the Web Crypto API - nothing is uploaded and the keys aren't stored or logged. That also means there's no way to recover a key once you close the page, so save anything you want to keep. Treat the private key like a password: anyone who has it can sign or decrypt as you, so only ever share the public key.