# kumactl generate signing-key

Generate signing keys

# Synopsis

Generate a private key for signing tokens.

kumactl generate signing-key [flags]
1

# Examples


Generate a new signing key to rotate tokens (for example user-token) on Universal.
$ echo "
type: GlobalSecret
name: user-token-signing-key-0002
data: {{ key }}
" | kumactl apply --var key=$(kumactl generate signing-key) -f -

Generate a new signing key to rotate tokens (for example user-token) on Kubernetes.
$ TOKEN="$(kumactl generate signing-key)" && echo "
apiVersion: v1
data:
  value: $TOKEN
kind: Secret
metadata:
  name: user-token-signing-key-0002
  namespace: kong-mesh-system
type: system.kuma.io/global-secret
" | kubectl apply -f - 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

# Options

  -h, --help   help for signing-key
1

# Options inherited from parent commands

      --api-timeout duration   the timeout for api calls. It includes connection time, any redirects, and reading the response body. A timeout of zero means no timeout (default 1m0s)
      --config-file string     path to the configuration file to use
      --log-level string       log level: one of off|info|debug (default "off")
      --no-config              if set no config file and config directory will be created
1
2
3
4

# SEE ALSO

Last Updated: 4/7/2022, 3:45:22 PM