How to generate encryption keys for FastSpring ?

Browse our easy to follow guides and tutorials that demonstrate how to use Everest Panel. Easy Guide For Broadcasters.

How to generate encryption keys for FastSpring ?

You will have to generate a private and a public encryption key in order to securely send the order information to FastSpring.

There are two ways on how to generate these keys. The easy way or the long way. The easy way is only possible, if your server is supporting openssl functionalities needed for encryption key generation. These openssl functionalities will be detected by the plugin and so, depending on your server, you will either see the “Generate private and public key” button in the plugin settings page or you wont. If you see the button, then you will be able to use the Easy Way, if you don’t then please look at the instructions for the Long Way

Easy way

  1. click on the “Generate private and public key” button in the plugins settings
  2. if the key generation was successful, dismiss the alert message and download the public-key.pem file, by clicking on the “Download private and public key” link
  3. save the plugin settings
  4. login to your FastSpring dashboard and navigate to Integrations » Store Builder Library. Upload the public-key.pem file to the Public Certificate option.

That’s it! 

Long way

The private and public keys will have to be  generated on your computer, so let’s look at how to generate them.

Generate the private/public keys

The generation of these private/public keys differ, depending on which computer operating system you are using. Please follow the instructions for the OS your computer is using.

macOS and Linux

On macOS and on Linux, you should open the terminal program and execute the commands displayed below:

Create a 2048-bit RSA private key. Don’t share this key with anyone, use it only in the EDD FastSpring plugin settings. This key will be used to encrypt the orders. Use this command to generate the privatekey.pem file which will contain your private key. The file will be created in the position, that the terminal is currently located in (usually your home directory).

openssl genrsa -out privatekey.pem 2048

Create a 2048-bit RSA public key. Only share this key with FastSpring. FastSpring will use your public key PEM file publiccert.pem to decrypt the orders. The file will be created in the position, that the terminal is currently located in (usually your home directory). After you run this command a few short questions will be presented to you, which you can skip, by hitting “enter” key for each of them.

openssl req -new -key privatekey.pem -x509 -days 3650 -out publiccert.pem

Now that you have generated these keys, you have to configure the EDD FastSpring plugin and the FastSpring Dashboard, so look at these instructions in the sections below.

Windows

For generation of these private/public keys your computer needs OpenSSL. Windows does not have that installed by default, so we will have to do that ourselves.

  1. Go to this website: https://slproweb.com/products/Win32OpenSSL.html
  2. In the “Download Win32 OpenSSL” section download the latest appropriate “Light” version of the OpenSSL installer. By “appropriate” It mean the version of Windows you are using (32bit or 64bit). I’m using the 64-bit Windows, so at the time of writing this, the latest version to download is “Win64 OpenSSL v1.1.0f Light”.
  3. Install the downloaded installer file as you would any other windows application (leave the default installation path, because it will be needed later on). In the last step, you can uncheck the donation option and click on “Finish”.

So, the OpenSSL is now installed on your Windows computer and we can generate the private and public keys.

Click on your Windows start button and search for “Command Prompt” (cmd), right click on the “Command Prompt” and choose to “Run as administrator”. Click on “yes”, when the window for the administration conformation pops up.

Copy and paste this command into the cmd and hit enter (this will position the cmd location to your desktop, where we will generate the private/public keys):

cd %userprofile%\\Desktop

Depending on which version of Windows you have and therefore which version of OpenSSL you installed, you will have to use a specific path to the OpenSSL executable.

By default the paths are:

  • If you installed the win32 version, the path will be:
    C:\\OpenSSL-Win32\\bin\\openssl.exe
  • If you installed the win64 version, the path will be:
    C:\\OpenSSL-Win64\\bin\\openssl.exe

I’m using the win64 version, so I’ll use that path in the example, if you are using the win32, then just change the “64” in the path to “32”.

Create a 2048-bit RSA private key. Don’t share this key with anyone, use it only in the EDD FastSpring plugin settings. This key will be used to encrypt the orders. Use this command to generate the privatekey.pem file which will contain your private key.

C:\\OpenSSL-Win64\\bin\\openssl.exe genrsa -out privatekey.pem 2048

Create a 2048-bit RSA public key. Only share this key with FastSpring. FastSpring will use your public key PEM file publiccert.pem to decrypt the orders. After you run this command a few short questions will be presented to you, which you can skip, by hitting “enter” key for each of them.

C:\\OpenSSL-Win64\\bin\\openssl.exe req -new -key privatekey.pem -x509 -days 3650 -out publiccert.pem

Now that you have generated these keys, you have to configure the EDD FastSpring plugin and the FastSpring Dashboard, so look at these instructions in the sections below.

FastSpring dashboard configuration

Login to your FastSpring dashboard and navigate to Integrations » Store Builder Library. Upload the publiccert.pem file to the Public Certificate option.