If you haven't already, create an .oci directory to store the credentials:
mkdir ~/.oci
Generate the private key with one of the following commands:
To generate the key, encrypted with a passphrase you provide when prompted:
Oracle cloud recommend that you use a passphrase for your key.
openssl genrsa -out ~/.oci/oci_api_key.pem -aes128 2048
To generate the key with no passphrase:
openssl genrsa -out ~/.oci/oci_api_key.pem 2048
For security reasons, it is critical to ensure that only you can read/write the private key file. To enable the same, use the following command:
chmod go-rwx ~/.oci/oci_api_key.pem
Generate the public key from your new private key:
openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem
Copy the contents of the public key to the clipboard using pbcopy
, xclip
, or a similar tool (you'll need to paste the value into the Console later). For example:
cat ~/.oci/oci_api_key_public.pem | pbcopy
Your API requests will be signed with your private key, and Oracle will use the public key to verify the authenticity of the request. The public key must be uploaded to IAM.
Be sure to include the openssl binary in your Windows path. On default installations, the openssl.exe file can be found in:
C:\Program Files\Git\mingw64\bin
Use the following OpenSSL commands to generate the key pair in the required PEM format.
If you haven't already, create a .oci directory to store the credentials. For example:
mkdir %HOMEDRIVE%%HOMEPATH%\.oci
Generate the private key with one of the following commands:
To generate the key that is encrypted with a passphrase you provide when prompted:
Oracle cloud recommend that you use a passphrase for your key.
openssl genrsa -out %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key.pem -aes128 -passout stdin 2048
To generate the key with no passphrase:
openssl genrsa -out %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key.pem 2048
Generate the public key from your new private key:
openssl rsa -pubout -in %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key.pem -out %HOMEDRIVE%%HOMEPATH%\.oci\oci_api_key_public.pem
Copy the contents of the public key to the clipboard (you'll need to paste the value into the Console later). For example:
type \.oci\oci_api_key_public.pem
Your API requests will be signed with your private key, and Oracle will use the public key to verify the authenticity of the request. The public key must be uploaded to IAM.