On 30/06/16 16:54, Salz, Rich wrote: >> Since X25519 is not the first "encrypt-only" algorithm in the >> OpenSSL universe, how was requesting certificates handled for >> such algorithms in the past? > > It wasn't. > >> For example how would one request a DH certificate? > > You couldn't. > > I don't recall anyone ever asking for such a thing on the public lists. >
There is no standardised way of requesting a DH certificate that I know of. Nonetheless OpenSSL does support the generation of DH certificates, but it's a bit nasty: https://security.stackexchange.com/questions/44251/openssl-generate-different-types-of-self-signed-certificate/82868#82868 Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
