fix(doc) calirfy how to generate the keys for public validation

doc/tokens.md

@@ -21,6 +21,15 @@ found here: [http://jwt.io/#libraries-io]
 For the **Public Key Validation** a _key server_ must be provided via `asap_key_server` to verify the token against a 
 provided public key on the given key server. An example structure can be view in [Example Structure > Publiy Key Validation](#public-key-validation)
 
+This is how you generate the keys:
+```
+openssl genrsa -out keypair.pem 2048
+openssl rsa -in keypair.pem -pubout -out publickey.pem
+openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in keypair.pem -out moderated.der
+```
+Get the private_key_id through this command echo -n [NAME_OF_PRIVATE_KEY.der] | shasum -a 256 and change the publickey.pem name to the fetched private_key_id
+
+
 JWT authentication works with BOSH and WebSocket connections.
 
 ### Token Structure
@@ -303,4 +312,4 @@ Modify your Prosody config with these three steps:
     ```
 
 [RFC7519]: https://tools.ietf.org/html/rfc7519
-[http://jwt.io/#libraries-io]: http://jwt.io/#libraries-io
+[http://jwt.io/#libraries-io]: http://jwt.io/#libraries-io