How do I create an ECDSA certificate with the OpenSSL command-line

Question

I\'m building a server app in C++ that needs to accept a certificate containing an ECDSA public key. It must validate the certificate and, upon verification, use the public key

Answer 1

If you haven't chosen a curve, you can list them with this command:

openssl ecparam -list_curves

I picked secp256r1 for this example. Use this to generate an EC private key if you don't have one already:

openssl ecparam -out ec_key.pem -name secp256r1 -genkey 

And then generate the certificate. Your certificate will be in cert.pem.

openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem

See also: req, ecparam