This short article shows command lines to generate a key pair in PEM format and a JWK representing a self-signed certificate for the key pair with the x5c claim. 1. Create a private key openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 > private_key.pem NOTE: Be sure that openssl is from OpenSSL, not LibreSSL. 2. Extract the public key from the private key openssl pkey -pubout…