Dotenvx
DocumentationLearnPrivate Keys

Managing Private Keys

Learn how to view and manage private keys with Dotenvx.

Generating

Run dotenvx encrypt to generate a private key.

$ dotenvx encrypt
◈ encrypted (.env) + local key (.env.keys)

The private key is written:

  • Traditional: written locally to a .env.keys file.
  • With Ops ⛨: written remotely to your account – as an armored key.
# .env.keys - DO NOT commit to source control
DOTENV_PRIVATE_KEY=dcd72b6a81ba7ec9af83d63720189c353b02bdef831fbe7a6712632204056a36

Uploading

Coming soon. dotenvx armor up.

Viewing

CLI

Use dotenvx keypair to view the private key from the CLI.

$ dotenvx keypair --pp
{
  "DOTENV_PUBLIC_KEY": "0300aaf826449ff86c2758a598d48226c4915e2435c51f8aee5668443464aecc79",
  "DOTENV_PRIVATE_KEY": "dcd72b6a81ba7ec9af83d63720189c353b02bdef831fbe7a6712632204056a36"
}
  • DOTENVX_PUBLIC_KEY: Used to encrypt values and lives in the .env file.
  • DOTENVX_PRIVATE_KEY: Used to decrypt values and lives in the .env.keys file.

UI

Ops ⛨ users can additionally view all their private keys in the UI.

ops.dotenvx.com