Thank you for your visit. This page is only available in English at this time.

Manually generating key pairs


Generating key pair

Amazon Pay uses asymmetric encryption to secure communication. You will need a public/private key pair and a corresponding Public Key ID (a unique Amazon Pay identifier for the key pair) to access Amazon Pay. You can manually generate a public/private key pair using these instructions:

Open Command Prompt or Terminal and use these commands to generate a public and private key pair:

openssl genpkey -out privateKey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:2048
openssl rsa -in privateKey.pem -pubout > publicKey.pub
        
Open a Windows command prompt or PowerShell and use these commands to generate a public and private key pair:
          
ssh-keygen -t rsa -b 2048 -m PKCS8 -f privateKey.pem
ssh-keygen -f privateKey.pem -e -m PKCS8 > publicKey.pub
          
        
You must install a shell program to generate the keys. Download Git Bash (or an equivilant emulation software) and use these commands to generate a public and private key pair:
          
openssl genpkey -out privateKey.pem -algorithm RSA -pkeyopt rsa_keygen_bits:2048
openssl rsa -in privateKey.pem -pubout > publicKey.pub
          
        

Once you have generated a key pair, you can exchange the public key for a Public Key ID using Amazon Pay Integration Central: US, EU, JP.

Exchanging public key for Public Key ID

Follow these instructions to exchange the public key you generated in the previous step for a Public Key ID:

  1. Navigate to Amazon Pay Integration Central: US, EU, JP.
  2. Identify as a “Self-developed” integration
    1. Select “Self-developed” option from the drop-down menu
    2. Use the default “One-time Payments, Single Authorization” payment type setting
    3. Click on the “Get instructions” button
  3. Create a public/private key pair
    1. Navigate to the “API keys” section
    2. Click on the “Create keys” button
    3. Select option "Use an existing public key to create API credentials"
    4. Name your API keys. Use a descriptive name, the name will be used to differentiate between multiple keys when you need to manage them in Integration Central. When naming the keys, you should consider who is using it and what they’re using it for
    5. Click “Create keys” to create your Public Key ID