I am using the function Crypto.sign(algorithmName, input, privateKey) from the Crypto class as follows:

    String algorithmName = 'RSA';
    String key = '';
    Blob privateKey = EncodingUtil.base64Decode(key);
    Blob input = Blob.valueOf('12345qwerty');
    Crypto.sign(algorithmName, input, privateKey);

What I want to do is generate a private key and public key from the Salesforce environment. That is to say dynamically and not from my command prompt (using OpenSSL). Is it possible?
Under Setup -> Certificate and Key Management you will find two options for doing so:
Create Self Signed Certificate: creates/signs a private & public certificate. Will not be recognized by trust stores, but can be useful for internal applications.
Create CA-Signed Certificate: Will create a private key and a CSR which you can then have signed by a Root CA, and upload back into Salesforce.
You can then use the Crypto verify methods which accept a certDevName as a parameter.
NOTE: The private key is NOT accessible directly from Apex.
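
The approach described in the answer above, as an added example that is not part of the original post: signing and verifying with a certificate held in Certificate and Key Management, so Apex never handles the private key. The class name `CertSigner` and the certificate unique name `My_Signing_Cert` are hypothetical placeholders; use the unique name of a certificate created in your own org.

```apex
// Added example: sign and verify with a certificate stored in
// Setup -> Certificate and Key Management. The private key stays inside
// the platform; Apex refers to it only by the certificate's unique name.
public class CertSigner {
    // Assumption: placeholder unique name of a certificate created in Setup.
    private static final String CERT_DEV_NAME = 'My_Signing_Cert';
    // RSA with SHA-256 digest; the question's 'RSA' is the SHA-1 variant.
    private static final String ALGORITHM = 'RSA-SHA256';

    // Returns a base64-encoded signature over the payload.
    public static String sign(String payload) {
        Blob signature = Crypto.signWithCertificate(
            ALGORITHM, Blob.valueOf(payload), CERT_DEV_NAME);
        return EncodingUtil.base64Encode(signature);
    }

    // Checks a base64-encoded signature against the same certificate.
    public static Boolean isValid(String payload, String signatureB64) {
        Blob signature = EncodingUtil.base64Decode(signatureB64);
        return Crypto.verify(
            ALGORITHM, Blob.valueOf(payload), signature, CERT_DEV_NAME);
    }
}

// Usage from anonymous Apex (constructed sample input):
//   String sig = CertSigner.sign('12345qwerty');
//   System.assert(CertSigner.isValid('12345qwerty', sig));
//   System.assert(!CertSigner.isValid('tampered', sig));
```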