Before generating a private key, you’ll need to decide which elliptic curve to use. To list the supported curves run:
openssl ecparam -list_curves
The list is quite long and, unless you know what you're doing, you'll be better off choosing one of the secp* curves. For this tutorial I chose secp521r1 (a curve over a 521-bit prime).
Generating the certificate is done in two steps: First we create the private key, and then we create the self-signed X509 certificate:
openssl ecparam -name secp521r1 -genkey -param_enc explicit -out private-key.pem
openssl req -new -x509 -key private-key.pem -out server.pem -days 730
The newly created server.pem and private-key.pem are the certificate and the private key, respectively. The -param_enc explicit flag tells openssl to embed the full parameters of the curve in the key, as opposed to just its name. This allows clients that are not aware of the specific curve name to work with it, at the cost of slightly increasing the size of the key (and the certificate).
You can examine the key and the certificate using
openssl ecparam -in private-key.pem -text -noout
openssl x509 -in server.pem -text -noout
Most web servers expect the private key to be chained to the certificate in the same file. So run:
cat private-key.pem server.pem > server-private.pem
and use server-private.pem as your certificate. If you don't concatenate the private key to the certificate, at least Lighttpd will complain with the following error:
SSL: Private key does not match the certificate public key, reason: error:0906D06C:PEM routines:PEM_read_bio:no start line
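The whole procedure as one script, plus the check that the Lighttpd error above is really about: whether the private key in the bundle matches the public key in the certificate. This is an added example, not a script from the original post. It assumes a POSIX sh and an `openssl` binary on the PATH; the directory, curve and CN arguments are placeholders. It departs from the post in one detail: the key is written with `-param_enc named_curve` rather than `explicit`, because TLS 1.3 (and current TLS 1.2 clients) only accept named curves, and `-noout` is used so that the key file contains only the private key block without a separate EC PARAMETERS block.

```shell
#!/bin/sh
# Added example (not from the original post): generate an ECC private key and a
# self-signed X509 certificate, bundle them the way Lighttpd expects, and verify
# that the key in the bundle belongs to the certificate in the bundle.
set -eu

# make_ec_cert DIR CURVE CN
# Writes DIR/private-key.pem, DIR/server.pem and the concatenated DIR/server-private.pem.
make_ec_cert() {
  dir=$1
  curve=$2
  cn=$3
  mkdir -p "$dir"
  # named_curve: the key records only the curve OID, which is what TLS peers expect.
  # -noout: emit only the EC PRIVATE KEY block, no separate EC PARAMETERS block.
  openssl ecparam -name "$curve" -genkey -param_enc named_curve -noout \
    -out "$dir/private-key.pem" 2>/dev/null
  # -subj makes the request non-interactive; the CN is a placeholder, not a real host.
  openssl req -new -x509 -key "$dir/private-key.pem" -out "$dir/server.pem" \
    -days 730 -subj "/CN=$cn" 2>/dev/null
  # Private key first, then the certificate, in one file.
  cat "$dir/private-key.pem" "$dir/server.pem" > "$dir/server-private.pem"
}

# key_matches_cert BUNDLE
# Succeeds (exit 0) only when the public key derived from the bundle's private key
# is byte-for-byte the public key carried in the bundle's certificate.
key_matches_cert() {
  bundle=$1
  k=$(openssl pkey -in "$bundle" -pubout 2>/dev/null)
  c=$(openssl x509 -in "$bundle" -pubkey -noout 2>/dev/null)
  [ -n "$k" ] && [ "$k" = "$c" ]
}

# Stand-alone usage: ./gen-ec-cert.sh /tmp/ecc-demo
if [ -n "${1:-}" ]; then
  make_ec_cert "$1" secp521r1 server.example
  if key_matches_cert "$1/server-private.pem"; then
    echo "key and certificate match: $1/server-private.pem"
  else
    echo "key does NOT match certificate: $1/server-private.pem" >&2
    exit 1
  fi
fi
```

Running `key_matches_cert` on a bundle before handing it to the web server turns the rather opaque "Private key does not match the certificate public key" message into a check you can do yourself; a bundle assembled from a key and a certificate that were generated separately will fail it.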