-----BEGIN ENCRYPTED PRIVATE KEY-----
A .... MANY LINES LIKE THAT ....
-----END ENCRYPTED PRIVATE KEY-----
... JWKs are the same, but formatted using JSON:
"kid":"HMAC key used in JWS spec Appendix A.1 example"}
ORY Hydra offers an API for generating and managing JWKs, the
JSON Web Keys API. When using persistent storage
backends, the keys are encrypted at rest using AES256-GCM and the system
secret. The system secret is generated by default and overridden by the
JWKs are well supported amongst all languages. This endpoint helps you managing certificates, private, public and symmetric keys. It is important to never transport keys over insecure channels such as http.
The REST API Documentation will give you details on the various endpoints.
Hydra generates a couple of JSON Web Keys in order to operate correctly:
http://localhost:4445/keys/hydra.openid.id-token: A RSA public/private key pair for signing and validating OpenID Connect ID Tokens.
http://localhost:4445/keys/https-tls: A RSA public/private key pair and a certificate for signing HTTP over TLS.