Resolved #93 by adding a section the README detailing how to extract public / private keys from an x509 certificate.

1 files changed, 16 insertions, 0 deletions

diff --git a/README.md b/README.md
index de8e377..9882f3c 100644
--- a/README.md
+++ b/README.md
@@ -247,6 +247,22 @@ decoded = jwt.decode(token, 'secret', audience='urn:foo')
 
 If the audience claim is incorrect, `jwt.InvalidAudienceError` will be raised.
 
+## Frequently Asked Questions
+
+**How can I extract a public / private key from a x509 certificate?**
+
+The `load_pem_x509_certificate()` function from `cryptography` can be used to
+extract the public or private keys from a x509 certificate in PEM format.
+
+```python
+from cryptography.x509 import load_pem_x509_certificate
+from cryptography.hazmat.backends import default_backend
+
+cert_str = "-----BEGIN CERTIFICATE-----MIIDETCCAfm..."
+cert_obj = load_pem_x509_certificate(cert_str, default_backend())
+public_key = cert_obj.public_key()
+private_key = cert_obj.private_key()
+```
 
 ## License