Key Generator

For security, keys are generated server-side using Node.js web-push library and never stored.

Public Key

Private Key

Keep this private key secure and never expose it in client-side code

Quick Guide

Generate Keys
Click the button to create a new VAPID key pair
Copy Both Keys
Store them securely in your server configuration
Security First
Never expose the private key in client-side code
Server Storage
Use environment variables for production

Documentation Links

About VAPID Keys

How We Generate Keys

This tool uses the web-push Node.js library to generate cryptographically secure VAPID key pairs:

When you click "Generate", your browser makes a request to our Node.js server
The server uses the webPush.generateVAPIDKeys() method
This creates an ECDSA key pair using the P-256 curve
The keys are converted to Base64 URL-safe format
Both keys are returned to your browser

The server code is open source and available for inspection.

Spring Boot Integration

To use these keys in your Spring Boot application:

// application.properties
push.vapid.public-key=YOUR_PUBLIC_KEY
push.vapid.private-key=YOUR_PRIVATE_KEY

// Configuration class
@Configuration
public class WebPushConfig {
  
  @Value("${push.vapid.public-key}")
  private String publicKey;
  
  @Value("${push.vapid.private-key}")
  private String privateKey;
  
  @Value("${push.vapid.subject}")
  private String subject;
  
  @Bean
  public VAPIDKeys vapidKeys() {
    return new VAPIDKeys(publicKey, privateKey, subject);
  }
}

Security Best Practices

Private Key Protection
Never commit private keys to version control
Environment Variables
Use process.env or similar for production
Key Rotation
Regularly rotate keys for enhanced security
Access Control
Restrict access to keys to authorized personnel only

Technical Specifications

Algorithm

ECDSA P-256

Key Format

Base64 URL-safe

Key Size

256-bit

Standard

RFC 8292

Compatible with all major browsers including Chrome, Firefox, Edge, and Safari