HI!
I have a problem creating a elliptic curve 's certificate and a private key.
Here is the error :
OpenSSL> ca -policy policy_anything -days 730 -md sha256 -out tbug-cert.pem -infiles tbug-req.pem
Using configuration from /usr/local/ssl/openssl.cnf
CA certificate and CA private key do not match
3084:error:0B080073:x509 certificate routines:X509_check_private_key:key type mismatch:x509_cmp.c:402:
error in ca
Here is the script :
openssl ecparam -genkey -text -name prime256v1 -out ../ca/ca.key
openssl req -new -x509 -days 3652 -key ../ca/ca.key -sha256 -out cacert.pem
pkcs12 -export -in cacert.pem -inkey ../ca/ca.key -name ca-ecc256key -out ca.p12 -passout pass:pswd
openssl ecparam -genkey -text -name prime256v1 -out tbug-key-unprotected.pem
# to password protect the pvt key, run this next line
openssl ec -in tbug-key-unprotected.pem -out tbug-key.pem -aes128 -passout pass:pswd
#-----------------------------------------------------------------------
# generate a user CSR (unsigned)
openssl req -new -x509 -days 730 -sha256 -key tbug-key.pem -out tmp.pem -passin pass:pswd
# sign it
openssl x509 -x509toreq -sha256 -in tmp.pem -signkey tbug-key.pem -passin pass:pswd -out tbug-req.pem
openssl ca -policy policy_anything -days 730 -md sha256 -out tbug-cert.pem -infiles tbug-req.pem
can anyone help me find what's wrong??? thanks...
