[openssl-users] mail encryption with ecdsa cert
clou
mail at iclou.ch
Sun Jan 28 10:58:42 UTC 2018
> On 26 Jan 2018, at 18:20, Kyle Hamilton <aerowolf at gmail.com> wrote:
>
> In order to use Elliptical Curves to encrypt, you would have to use
> the "Elliptical Curve Diffie-Hellman" algorithm to perform a key
> agreement. This requires that both the sender and the recipient have
> EC keys which are marked in their certificates as being for the
> purpose "keyAgreement”.
I have made sure that keyAgreement is in.
I get the following error
Error:
PKCS7_RECIP_INFO_set:encryption not supported for this key type
Key gen happens like this
/usr/local/bin/openssl ecparam -name secp521r1 -out secp521r1.pem
/usr/local/bin/openssl req -x509 -nodes -days 3650 -newkey ec:secp521r1.pem -keyout email-key.pem -out email.ch.pem
Which type of key do I need to generate? (for email signing and encryption).
Thanks a lot for any help !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180128/145b3d84/attachment-0001.html>
More information about the openssl-users
mailing list