RSA Key Pair Generator

Generate RSA public and private key pairs in PEM format using the Web Crypto API in your browser.

Loading...
1. Select the key size: 2048-bit for standard use or 4096-bit for higher security. 2. Click the generate button to create a new RSA public and private key pair. 3. Wait briefly while the Web Crypto API generates the keys in your browser. 4. Copy the public key in PEM format to share with others for encryption or verification. 5. Copy the private key in PEM format and store it securely - never share it. 6. Download the key pair as separate files for use in your applications.

About This Tool

RSA (Rivest-Shamir-Adleman) is one of the most widely used public-key cryptographic algorithms, essential for secure communication, digital signatures, and key exchange. The RSA Key Pair Generator creates matching public and private key pairs entirely in your browser using the Web Crypto API, with no server involvement whatsoever.

You can generate key pairs in common sizes including 2048-bit, 3072-bit, and 4096-bit. Larger key sizes provide stronger security but take longer to generate and use in cryptographic operations. For most applications in 2026, 2048-bit keys are the minimum recommended size, while 4096-bit keys offer a larger security margin for long-term protection. The generated keys are output in standard PEM format, compatible with OpenSSL, SSH, TLS certificates, JWT signing, and virtually all cryptographic libraries.

This tool is ideal for developers who need a quick key pair for testing, setting up SSH access, configuring JWT authentication, or learning about public-key cryptography. Because the keys are generated using the browser cryptographic API with proper random number generation, they are suitable for real use cases. However, for production environments, always ensure you store private keys securely and never share them.

Frequently Asked Questions

Use 2048-bit as the minimum for any security purpose. Choose 3072-bit for compliance with stricter security standards. Use 4096-bit for maximum security and long-term protection, though key generation and cryptographic operations will be slower.
Yes. The keys are generated using the Web Crypto API which provides cryptographically secure random number generation. However, ensure you transfer and store the private key securely. Never expose private keys in client-side code or public repositories.
The public key can be shared openly and is used to encrypt data or verify signatures. The private key must be kept secret and is used to decrypt data or create signatures. Together they form a mathematically linked pair that enables secure asymmetric cryptography.
No. The entire key generation process runs in your browser using the Web Crypto API. Neither the public key nor the private key is ever transmitted to any server. You should still handle the private key carefully after generation.
Common uses include SSH authentication, TLS/SSL certificates, JWT token signing, encrypting sensitive data, digital document signing, email encryption with PGP/GPG, and secure API communication.

Related Tools

Text Encryption and Decryption

Encrypt and decrypt text using AES-256 encryption entirely in your browser. No data sent to servers.

Security and Encryption

JWT Decoder

Decode JSON Web Tokens to inspect header, payload, and signature without needing the secret key.

Developer Tools

Password Generator

Generate strong, secure passwords with customizable length, complexity, pronounceable options, and passphrases.

Security and Encryption

Token Generator

Generate random tokens and strings in hex, alphanumeric, URL-safe, and custom character set formats.

Security and Encryption

Bcrypt Hash Generator and Verifier

Generate bcrypt hashes with configurable rounds and verify passwords against existing bcrypt hashes.

Security and Encryption