Create a ECDSA public certificate using OpenSSL on Linux
by
Jeremy Canfield |
Updated: March 4th, 2020
| OpenSSL articles
A trusted certificate is one that is purchased from a trusted certificate authority (CA), such as www.verisign.com. Internet facing production applications should use a certificate from a trusted CA. For non-production applications, a self-signed certificate can be used. Applications, such as a web browser, will complain when a self-signed certificate is used.
Use apt-get or yum to install OpenSSL.
~]# apt-get install openssl
~]# yum install openssl
Private key
This assumes you've already created a private key, such as example.com.key. If not, refer to our article on creating a private key.
Certificate
Create an ECDSA certificate.
~]# openssl req -x509 -new -key /etc/pki/tls/private/ec_private.key -out /etc/pki/tls/certs/ec_certificate.crt
There will be a series of prompts.
| Area | Example | Description |
|---|---|---|
| Password | myPassword | Password |
| Country Name | US | United States |
| State/Province | FL | Florida |
| Locality Name | Miami | City |
| Organization Name | Example, Inc. | Company name |
| Organization Unit Name | Example, Inc. | Company name |
| Common Name | www.example.com | Domain name |
| Email Address | admin@example.com | Admin email |
View the content of the ec_certificate.crt file and ensure BEGIN CERTIFCATE is displayed.
~]# cat /etc/pki/tls/certs/certificate.crt
-----BEGIN CERTIFICATE-----