How to generate an API Signing Key?
Use the following OpenSSL commands to generate the key pair in the required PEM format.
Step 1: Create the .oci Directory
If you haven't already, create an .oci directory to store the credentials:
mkdir ~/.oci
Step 2: Generate the Private Key
Generate the private key with one of the following commands:
To generate the key, encrypted with a passphrase you provide when prompted:
Oracle cloud recommend that you use a passphrase for your key.
openssl genrsa -out ~/.oci/oci_api_key.pem -aes128 2048
To generate the key with no passphrase:
openssl genrsa -out ~/.oci/oci_api_key.pem 2048
Step 3: Change File Permissions
For security reasons, it is critical to ensure that only you can read/write the private key file. To enable the same, use the following command:
chmod go-rwx ~/.oci/oci_api_key.pem
Step 4: Generate the Public Key
Generate the public key from your new private key:
openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem
Step 5: Copy the Public Key
Copy the contents of the public key to the clipboard using pbcopy, xclip, or a similar tool (you'll need to paste the value into the Console later). For example:
cat ~/.oci/oci_api_key_public.pem | pbcopy
Your API requests will be signed with your private key, and Oracle will use the public key to verify the authenticity of the request. The public key must be uploaded to IAM.
If you're using Windows, you'll need to install Git Bash for Windows before running the following commands.
Be sure to include the openssl binary in your Windows path. On default installations, the openssl.exe file can be found in:
C:\Program Files\Git\mingw64\bin
Use the following OpenSSL commands to generate the key pair in the required PEM format.
Step 1: Create the .oci Directory
If you haven't already, create a .oci directory to store the credentials. For example:
mkdir %HOMEDRIVE%%HOMEPATH%\.oci
Step 2: Generate the Private Key
Generate the private key with one of the following commands:
To generate the key that is encrypted with a passphrase you provide when prompted:
Oracle cloud recommend that you use a passphrase for your key.
openssl genrsa -out %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key.pem -aes128 -passout stdin 2048
To generate the key with no passphrase:
openssl genrsa -out %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key.pem 2048
Step 3: Generate the Public Key
Generate the public key from your new private key:
openssl rsa -pubout -in %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key.pem -out %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key_public.pem
Step 4: Copy the Public Key
Copy the contents of the public key to the clipboard (you'll need to paste the value into the Console later). For example:
type \.oci\oci_api_key_public.pem
Your API requests will be signed with your private key, and Oracle will use the public key to verify the authenticity of the request. The public key must be uploaded to IAM.
New to ADSelfService Plus?
Related Articles
How to set the PHP path during agent installation?
This is only applicable to the agent versions 4.2 and above. For Linux Step 1: Download the installation script. wget -O InstallAgentPHP.zip https://www.manageengine.com/products/applications_manager/54974026/InstallDataExporter.zip && unzip ...Add Amazon Monitor with Required IAM Permissions
This article explains how to add Amazon monitors using only the required APIs (Custom IAM Policy - second method ↓) Methods to Configure IAM Permissions for Amazon Monitoring Read Only Access (AWS Managed Policy - Recommended) This predefined policy ...Troubleshooting Steps for Tomcat Upgrade Failure
Verify Folder Existence Check if the ApplicationsManager/working/apache/tomcat_9_new folder exists. If it does, please delete this folder. Download and Extract Tomcat Use the appropriate version-specific ZIP based on your APM version: For APM ...