https://devzone.nordicsemi.com/f/nordic-q-a/127872/nrf9160-certificate-provisioning-csr-with-rsa-keysHi We have a product that we are preparing for production. The product needs to communicate with an Azure IOT Hub that only accepts RSA keys. We have used the device_credentials_installer.py script to make a certificate signing request, but it seemsen-USTelligent Community 13Thu, 23 Apr 2026 07:51:16 GMThttps://devzone.nordicsemi.com/thread/565364?ContentTypeID=1Thu, 23 Apr 2026 07:51:16 GMT137ad170-7792-4731-bb38-c0d22fbe4515:5280d30d-ba6e-452a-92f4-3de847fd0442Simon D-M<p>Hi Martin,</p> <p>We currently don&#39;t have any sample that shows how to generate an RSA key. The closest sample I found is &quot;<a href="https://docs.nordicsemi.com/bundle/ncs-latest/page/nrf/samples/crypto/rsa/README.html">Crypto: RSA</a>&quot; which does not show how to generate the RSA key but shows how to use it. It shouldn&#39;t be too hard to modify this sample in order to replace importing the key by generating the key.</p> <p>If you need help modifying the sample feel free to ask.</p> <p>Best regards,</p> <p>Simon D-M</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/565317?ContentTypeID=1Wed, 22 Apr 2026 12:27:19 GMT137ad170-7792-4731-bb38-c0d22fbe4515:06c722b1-4a12-4a24-aa02-3c45d8ce634cMartin Hauser<p>Hi Simon<br /><br />Thanks for the clarification.<br /><br /></p> <p>We don&#39;t have control over the IOT hub, another company manages that, we are hoping that they can support ECDSA but we are waiting on a response from them.<br /><br /></p> <p>The statement that the Hub only accepts RSA key is not something we have/can confirm, but the fact that it works with a cert using RSA makes us believe that it&#39;s true. We know the root CA uses RSA unlike in the documentation you mentioned.&nbsp;</p> <p>We will try to implement key generation in application if out cloud partner can&#39;t make is work with ECDSA. Is there&nbsp;any samples showing how to generate the keys/cert?</p> <p>- Martin</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/565308?ContentTypeID=1Wed, 22 Apr 2026 12:01:30 GMT137ad170-7792-4731-bb38-c0d22fbe4515:20d34150-0f15-4a25-b274-af897a00e35aSimon D-M<p>Hi Martin,</p> <p>I&#39;m not too familiar with Azure IoT Hub, but I saw there were some documentation for generating keys for Azure IoT Hub (<a href="https://docs.nordicsemi.com/bundle/ncs-latest/page/nrf/libraries/networking/azure_iot_hub.html#generate_and_provision_device_certificates">link</a>). However, I think it uses elliptic curve keys, so are you sure that you can&#39;t configure your Hub to work with ECDSA keys ?</p> <p>Anyway, I don&#39;t think that there is a direct way to generate an RSA key directly inside the modem like with the ECDSA keys. However, the nRF9160 Crypto peripheral supports RSA key generation (<a href="https://docs.nordicsemi.com/bundle/ncs-latest/page/nrf/security/crypto/crypto_supported_features.html#rsa_key_pair_operations">link</a>). You should be able to generate the key inside on the application core and then send it to the modem. I don&#39;t know if this is safe enough for you as the key is present on the application core for a small amount of time.</p> <p>Best regards,</p> <p>Simon D-M</p><div style="clear:both;"></div>