If you create a selfsigned certificate, the signature algorithm will obviously be that of the public key of the certificate. If you use an EC key, you can only end up with a ecds-with* signature. If you want sha1WithRSAEncryption, you need to create a RSA key. Or have your EC-certificate signed by a RSA-based CA instead of a selfsigned certificate.
cheers Mat On Thursday 22. August 2013 14:10:32 you wrote: > Hi, > I am facing an issue while I am trying to create a sample self-signed > certificate using openssl -req for EC Cipher suites. > > > *Requirement:* > I need to install a self-signed certificate for the cipher suite > ECDH-RSA-AES128-SHA which has the following attributes:- > > 1. Signature Algorithm: *sha1WithRSAEncryption* > and > 2. *EC Public Key *with curve type as* prime256v1.* > > > I tried the following open-ssl commands but ended up with a certificate > that has a signature algorithm as *ecdsa-with-SHA1 with an EC Public > Key *having > curve type as *prime256v1.* > > a>* openssl ecparam -out ec_rsa_key.pem -name prime256v1 -genkey* > b> *openssl req -new -x509 -days 365 -key ec_rsa_key.pem -sha1 -out > ec_rsa.pem* > > What could I be missing here? Or is there any downloadable sample > certificates & private key which has the required attributes? > > Regards > Tanmoy Sinha ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
