[openssl-users] Generate ECC key with password protection

Ken Goldman kgoldman at us.ibm.com
Fri Jan 13 20:26:08 UTC 2017

On 1/13/2017 2:02 PM, Viktor Dukhovni wrote:
>> parameter setting error
>> 139854491113288:error:06089094:digital envelope
>> routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404:
> In that case, your OpenSSL library is broken, or was built without
> EC support.  Perhaps you're running the wrong openssl(1) binary.

Perhaps++.  The command ran on a 1.0.2 platform.

> EC key creation is supported in 1.0.2:

openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

The C API's seem to support EC.  Perhaps the openssl binary does not?

RHEL 6.7 is still at 1.0.1.

Can I create the key and certificates on the 1.0.2 platform and use them 
with the C API on 1.0.1?

More information about the openssl-users mailing list