> ## Documentation Index > Fetch the complete documentation index at: https://docs.fenanpay.com/llms.txt > Use this file to discover all available pages before exploring further. # Generate Key Pairs This guide explains how to generate RSA public and private key pairs using both **OpenSSL** (via Bash) and **Node.js**, and how to set them in the Payment Settings section of the dashboard. ## RSA Key Pair Generation RSA is a public-key cryptosystem used for encrypting and signing data. The signature mechanism uses **SHA-256** with RSA, a combination of the RSA public-key algorithm and the SHA-256 hash function. ### Algorithm Breakdown * **RSA**: A public-key cryptosystem. * **SHA-256**: A cryptographic hash function producing a 256-bit hash value. * **Signature Algorithm**: `SHA256withRSA`, which hashes the data using SHA-256 and then signs the hash with the RSA private key. ### Algorithm Parameters * **Key Size**: 2048 bits * **Exponent**: RSA usually uses a standard exponent (65537), though not explicitly mentioned. *** ## Option 1: Generating Public and Private Keys Using OpenSSL (Bash) You can generate RSA key pairs using OpenSSL with the following commands: ```bash theme={null} # Generate the private key (AES-256 encrypted) openssl genpkey -algorithm RSA -out private_key.pem -aes256 # Extract the public key from the private key openssl pkey -in private_key.pem -out public_key.pem -pubout ``` These commands will generate two files: * **private\_key.pem**: The private key (encrypted using AES-256). * **public\_key.pem**: The public key derived from the private key. *** ## Option 2: Generating Public and Private Keys in Node.js You can also generate RSA key pairs programmatically in **Node.js** using the `crypto` module. Here's how: ```javascript theme={null} const crypto = require('crypto'); // Generate RSA key pair crypto.generateKeyPair('rsa', { modulusLength: 2048, // Key size publicKeyEncoding: { type: 'pkcs1', // Key type format: 'pem' // Output format }, privateKeyEncoding: { type: 'pkcs1', // Key type format: 'pem', // Output format cipher: 'aes-256-cbc', // Optional encryption passphrase: 'your-passphrase' // Optional passphrase for private key encryption } }, (err, publicKey, privateKey) => { if (err) { console.error('Error generating keys:', err); } else { console.log('Public Key:\n', publicKey); console.log('Private Key:\n', privateKey); } }); ``` ### Key Encoding Options: * **modulusLength**: The length of the key (2048 bits). * **publicKeyEncoding** and **privateKeyEncoding**: These specify the output format and encryption details. * **PEM format**: The most common format for public/private keys, but you can also use **DER** for binary output. *** ## Step 3: Setting Keys in Payment Settings Once you've generated the keys, you need to upload the **public key** to the Payment Settings section of your dashboard. ### Test and Production Keys: * **Test Environment**: You can upload your public key via the dashboard under `Settings > Webhook Settings > webhook_pubk_test`. * **Production Environment**: For production, go to `Settings > Webhook Settings > webhook_pubk_prod`. ### Next Steps: Verifying Webhooks After setting up your keys, you'll need to implement webhook signature verification in your application. For detailed instructions on how to verify webhook signatures, please refer to our [Verifying Webhook Signatures](/webhook/verifying-webhook) guide. ### Setting up the keys in the dashboard: Dashboard Settings Example *** By following these steps, you will have successfully generated and configured your RSA keys for webhook signature verification in your payment system. \`