[openssl-users] ed25519 self-signed root cert
Robert Moskowitz
rgm at htt-consult.com
Fri Jul 27 14:36:47 UTC 2018
genpkey worked without those options. I am going to have to look at the
RFC again, as there are different types of ed25519 certs, but how will
that work out in openssl? I will have to remember back to a
conversation at had at IETF 100...
Anyway error on the next step:
# openssl req -config $dir/openssl-root.cnf\
> -set_serial 0x$(openssl rand -hex $sn)\
> -keyform pem -outform pem\
> -key $dir/private/ca.key.pem -subj "$DN"\
> -new -x509 -days 7300 -extensions v3_ca\
> -out $dir/certs/ca.cert.pem
Enter pass phrase for /root/ca/private/ca.key.pem:
3064983568:error:1010F08A:elliptic curve routines:pkey_ecd_ctrl:invalid
digest type:crypto/ec/ecx_meth.c:801:
where dir=/root/ca
More information about the openssl-users
mailing list