- Generate a 2048-bit RSA private key
openssl genrsa -out private_key.pem 2048
- Convert the private key to PKCS#8 format (so Java can read it)
openssl pkcs8 -topk8 -inform pem -in private_key.pem -outform der -nocrypt -out private_key.der.pkcs8
- Generate a self-signed X.509 certificate using the RSA private key generated in the first step (so Java can read it)
openssl req -new -x509 -key private_key.pem -out public_key.cer -days 1024 -subj '/CN=localhost'
This certificate file should act as the public key that you'll use to validate the JWT tokens. It's a recommended way of storing and communicating the public key.
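The three steps above as one script, followed by checks that the certificate really carries the public half of both private key files and verifies an RS256 signature made with the private key. This is an added example, not part of the original page; the function names, the scratch directory and the sample JWT header and claims are assumptions, and `openssl` is assumed to be on the PATH.

```shell
#!/bin/sh
# Added example: the page's three commands, followed by consistency checks.
# File names are the page's; the JWT header and claims are constructed samples.

make_keys() {  # $1 = existing output directory
  ( cd "$1" && umask 077 &&   # -nocrypt leaves the key unencrypted: owner-only files
    openssl genrsa -out private_key.pem 2048 2>/dev/null &&
    openssl pkcs8 -topk8 -inform pem -in private_key.pem -outform der \
      -nocrypt -out private_key.der.pkcs8 &&
    openssl req -new -x509 -key private_key.pem -out public_key.cer \
      -days 1024 -subj '/CN=localhost' )
}

# True only if the certificate carries the public half of both private key files.
keys_match() {  # $1 = directory
  from_cert=$(openssl x509 -in "$1/public_key.cer" -noout -pubkey) || return 1
  from_pem=$(openssl pkey -in "$1/private_key.pem" -pubout) || return 1
  from_der=$(openssl pkey -inform der -in "$1/private_key.der.pkcs8" -pubout) || return 1
  [ "$from_cert" = "$from_pem" ] && [ "$from_cert" = "$from_der" ]
}

b64url() { openssl base64 -A | tr '+/' '-_' | tr -d '='; }

# Prints the RS256 signing input: base64url(header) "." base64url(claims).
signing_input() {
  printf '%s.%s' "$(printf '%s' '{"alg":"RS256","typ":"JWT"}' | b64url)" \
                 "$(printf '%s' '{"sub":"demo"}' | b64url)"
}

sign_input() {  # $1 = directory, $2 = signing input; writes $1/sig.bin
  printf '%s' "$2" | openssl dgst -sha256 -sign "$1/private_key.pem" -out "$1/sig.bin"
}

# Verifies using only the certificate, as a token consumer would.
verify_input() {  # $1 = directory, $2 = signing input
  openssl x509 -in "$1/public_key.cer" -noout -pubkey > "$1/cert_pub.pem" || return 1
  printf '%s' "$2" | openssl dgst -sha256 -verify "$1/cert_pub.pem" \
    -signature "$1/sig.bin" >/dev/null 2>&1
}

dir=$(mktemp -d) && make_keys "$dir" && keys_match "$dir" &&
  sign_input "$dir" "$(signing_input)" && verify_input "$dir" "$(signing_input)" &&
  echo "certificate matches the private key and verifies its RS256 signature"
[ -n "$dir" ] && rm -rf "$dir"
```

Only `public_key.cer` needs to reach the party validating tokens; both private key files stay on the signing side.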