cpod-apps keygen
Generate signing keys for bundle integrity.
Usage
cpod-apps keygen [options]
Options
| Option | Description | Default |
|---|---|---|
-o, --output <path> | Output directory | .cpod/ |
-a, --algorithm <type> | ec or rsa | ec |
-f, --force | Overwrite existing keys | - |
-g, --global | Store in ~/.cpod/ | - |
Examples
Generate Project Keys
cpod-apps keygen
Creates keys in .cpod/:
private.pem- Keep secret, used for signingpublic.pem- Share with deployment platform
Generate Global Keys
cpod-apps keygen --global
Creates keys in ~/.cpod/ for use across all projects.
Use RSA Algorithm
cpod-apps keygen -a rsa
Key Files
.cpod/
├── private.pem # 🔒 Keep secret
└── public.pem # ✓ Safe to share
Security
Never commit private.pem to version control. The CLI automatically adds it to .gitignore.
Algorithms
| Algorithm | Description | Key Size |
|---|---|---|
ec (default) | ECDSA P-256 | Smaller, fast |
rsa | RSA 2048-bit | Widely compatible |
Verification
Share your public.pem with your deployment platform. They use it to verify that bundles haven't been tampered with.
# On deployment platform
cpod-apps validate my-app-1.0.0.zip --public-key public.pem