Generating an RSA key pair in powershell


I want to generate an RSA public private key pair in powershell without using external software and I want to test it. It should be able to encrypt/decrypt data on any online public/private key verification service.

Purpose- Strictly Educational. I’m very well aware that you shouldn’t export your private key online for security purposes.

So far I’ve tried
ssh-keygen and

System.Security.Cryptography.RSACryptoServiceProvider creates P, Q etc. all the raw material for calculating public/private key, but I don’t want the raw material.

ExportCspBlob(x) provides a key, but when I try to verify it online, the key pair verification fails.

So, is there any way to create RSA public private key pair in powershell without using any external programs, which can be directly copy-pasted into a certificate format(the one with —–BEGIN PRIVATE KEY—- stuff)?


If you just want to implement Public Key encryption/decryption with powershell, there are built-in tools for that. To generate key pair just use New-SelfSignedCertificate cmdlet, then you can use generated certificate to encrypt/decrypt data using Protect/Unprotect-CmsMessage (this is PGP-like cmdlets, meaning you don’t have to deal with symmetric key part yourself). Then to share or move keys to other machines you can use Import/Export-Certificate cmdlets. See the example below


Generating an RSA key pair in powershell by licensed under CC BY-SA | With most appropriate answer!

Leave a Reply