Cryptography is highly complicated subject. It is very easy to mess things up in a single piece of code and compromise the security of the overall solution. To be able to generate safe keys for encryption, you'd need very strong knowledge in cryptography, which you're not going to infer from a single book or internet discussion. If you're interested, you might read how some innocuous shortcomings in the design and use of the Enigma encoding machine
helped the allies break the cipher in the WW2.
If you need the encryption to survive a determined attack, you should definitely obtain proper security certificate from a professional company and use that to do the encryption. Somebody (not me) might be able to help you with the details. If this top-notch security is not actually your goal, a simpler solution
might suffice. In any case, the
Security forum would be probably better suited for the discussion.