Share via

How to: Create a Public/Private Key Pair

To sign an assembly with a strong name, you must have a public/private key pair. This public and private cryptographic key pair is used during compilation to create a strong-named assembly. You can create a key pair using the Strong Name tool (Sn.exe). Key pair files usually have an .snk extension.


In Visual Studio 2005, the C#, Visual Basic, and Visual J# integrated development environments (IDEs) allow you to generate key pairs and sign assemblies without the need to create a key pair using Sn.exe. These IDEs have a Signing tab in the Project Designer. The Visual C++ IDE allows you to specify the location of an existing key file in the Advanced property page in the Linker section of the Configuration Properties section of the Property Pages window. The use of the AssemblyKeyFileAttribute to identify key file pairs has been made obsolete in Visual Studio 2005.

To create a key pair

  • At the command prompt, type the following command:

    sn –k <file name>

    In this command, file name is the name of the output file containing the key pair.

The following example creates a key pair called sgKey.snk.

sn -k sgKey.snk

If you intend to delay sign an assembly and you control the whole key pair (which is unlikely outside test scenarios), you can use the following commands to generate a key pair and then extract the public key from it into a separate file. First, create the key pair:

sn -k keypair.snk
  • Next, extract the public key from the key pair and copy it to a separate file:
sn -p keypair.snk public.snk
  • Once you create the key pair, you must put the file where the strong name signing tools can find it.

When signing an assembly with a strong name, the Assembly Linker (Al.exe) looks for the key file relative to the current directory and to the output directory. When using command-line compilers, you can simply copy the key to the current directory containing your code modules.

If you are using an earlier version of Visual Studio that does not have a Signing tab in the project properties, the recommended key file location is the project directory with the file attribute specified as follows:

<Assembly: AssemblyKeyFileAttribute("..\..\key.snk")>
[assembly: AssemblyKeyFileAttribute(@"..\..\key.snk")]

See Also

Other Resources

Creating and Using Strong-Named Assemblies