Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
I'm building a server app in C++ that needs to accept a certificate containing an ECDSA public key. It must validate the certificate and, upon verification, use the public key contained in the certificate to authenticate a message sent along with the certificate.
I have all this working using ECDSA keypairs generated on the fly - i.e. my code is working nicely - but now I need to do the certificate piece.
And I figured I could use OpenSSL's command-line to create the certificate which is installed on the client (along with the ECDSA private key in a separate file).
Can anyone help?
If you haven't chosen a curve, you can list them with this command:
openssl ecparam -list_curves
I picked secp256r1 for this example. Use this to generate an EC private key if you don't have one already:
openssl ecparam -out ec_key.pem -name secp256r1 -genkey
And then generate the certificate. Your certificate will be in cert.pem.
openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem
See also: req, ecparam
–
–
–
–
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
