query related to openssl certificate generation of Ed X25519,X448

Sowmya P sowmyapatteda at gmail.com
Thu Jun 6 06:46:06 UTC 2019

Hi ,
Have query regarding generation of X255519 and X448 certificate chain

Below is the script which i used to generate certificate chain of Ecdsa

Now for generating EdDSA certificate chain I am using command from (
https://github.com/openssl/openssl/issues/6201). But with this command I am
able to generate only certificate and private key pair. But not able to
generate certificate chain.

Below is the command used for generating end entity cert

Openssl req -config openssl.cnf -new -key serverkey.pem
-subj”/C=IN/ST=kar/L=En/0=htipl/OU=team/CN=server” -outr server_cert.csr

Openssl ca -config openssl.cnf  -cert rootcert.pem -key rootkey.pem
-extensions usr_cert -subj -days 360 -md sha256 -in server_cert.csr -out
   When i executed above command below errro is thrown

Cant open ./root/private/cakey.pem for reading no such file or directory
 System library:fopen:no such file or directory:crypto/bio/bss_file.c :72
Bio routines :BIO_new_file:no such file crypto/bio:bss_file.c

Tried another command to generated server cert that is openssl x509 -req
-days 360 -in server_cert.csr -signkey rootykey.pem -sha256 -out

For this       elliptic curve routines:pkey_ecd_ctrl:invalid digest
 error will be thrown

Please help me out to resolve this issue

Thanks ,
Soumya pattada.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190606/3914b3a4/attachment-0001.html>

More information about the openssl-users mailing list