ECDSA curves and certificates in 1.0.2X vs 1.1.x

Viktor Dukhovni openssl-users at
Wed Jun 26 08:59:55 UTC 2019

On Tue, Jun 25, 2019 at 10:38:50AM -0400, Michael Richardson wrote:

> openssl req -new -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 \
>                 -nodes -subj "/CN=${ULA_HOSTNAME}" \
>                 -keyout ${KEY_NAME}.key -out ${KEY_NAME}.csr -outform DER \
>                 -reqexts SAN \
>                 -config /tmp/shg.ossl.cnf

This generates a key that has explicit parameters (rather than a named
curve) also in OpenSSL 1.0.2h, for example.  Since you probably want
to use named curves, with 1.0.2 you'll have to generate the key separately,
and explicitly indicate that you want a named curve key.  For that also
include an additional:

	-pkeyopt ec_param_enc:named_curve

option.  This was not on by default in OpenSSL 1.0.2.

> ***
>   My question is: is there some build options that I can't see that might have
>   affected this?  Made it work before.  My impression is that 1.0.x did *not*
>   support ECDSA certificates, yet it seemed to generate CSRs, just does not put in the
>   right OIDs in the public parts such that it is recognized by others.
> ***

OpenSSL 1.0.2 has reasonably complete ECDSA support, but various
aspects of the implementation are better in 1.1.1.


More information about the openssl-users mailing list