SIG-CM2.0/src/api/SIGCM2.Api/keys/README.md

JWT RSA Keys

This directory holds the RSA 2048 key pair used for JWT RS256 signing.

Files (gitignored)

  • private.pem — RSA private key (NEVER commit this)
  • public.pem — RSA public key (NEVER commit this)
  • .gitkeep — keeps this directory tracked in git

Regenerate keys

Run from the repo root (requires PowerShell 7 / pwsh):

pwsh -File scripts/generate-keys.ps1

Production

In production, set these environment variables instead of files:

JWT__PrivateKey=<base64-encoded PEM content>
JWT__PublicKey=<base64-encoded PEM content>

The API's RsaKeyLoader checks the environment variables first and falls back to the files.
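
The environment-first lookup described above, as an added example: this is not the project's RsaKeyLoader or any code from this repository. `ExampleKeyLoader`, the relative file paths, and the minimum key size check are assumptions; the key pair is generated in memory as constructed sample data.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class ExampleKeyLoader // hypothetical name, not the project's RsaKeyLoader
{
    // Environment variable first (base64 of the PEM text), then the PEM file.
    public static RSA Load(string envName, string pemPath)
    {
        string? b64 = Environment.GetEnvironmentVariable(envName);
        string pem;
        if (!string.IsNullOrWhiteSpace(b64))
            pem = Encoding.UTF8.GetString(Convert.FromBase64String(b64)); // FormatException on bad base64
        else if (File.Exists(pemPath))
            pem = File.ReadAllText(pemPath);
        else
            throw new InvalidOperationException($"No key in {envName} or at {pemPath}");
        RSA rsa = RSA.Create();
        rsa.ImportFromPem(pem); // ArgumentException if no supported PEM block is present
        if (rsa.KeySize < 2048) // added sanity check: the README specifies RSA 2048
            throw new CryptographicException($"{envName}: {rsa.KeySize}-bit key, expected 2048 or more");
        return rsa;
    }
}

static class Program
{
    static string B64(string label, byte[] der) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(new string(PemEncoding.Write(label, der))));
    static int Main()
    {
        // Constructed sample pair, generated in memory; set only for this process.
        using RSA sample = RSA.Create(2048);
        Environment.SetEnvironmentVariable("JWT__PrivateKey", B64("PRIVATE KEY", sample.ExportPkcs8PrivateKey()));
        Environment.SetEnvironmentVariable("JWT__PublicKey", B64("PUBLIC KEY", sample.ExportSubjectPublicKeyInfo()));

        // File paths are assumed; with the variables set they are never read.
        using RSA signer = ExampleKeyLoader.Load("JWT__PrivateKey", "keys/private.pem");
        using RSA verifier = ExampleKeyLoader.Load("JWT__PublicKey", "keys/public.pem");

        // RS256 is RSASSA-PKCS1-v1_5 with SHA-256: sign constructed data to prove the pair matches.
        byte[] data = Encoding.ASCII.GetBytes("header.payload");
        byte[] sig = signer.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        bool ok = verifier.VerifyData(data, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        Console.WriteLine(ok ? "environment keys load and match" : "public key does not match private key");
        return ok ? 0 : 1;
    }
}
```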