genpkey worked without those options. I am going to have to look at the
RFC again, as there are different types of ed25519 certs, but how will
that work out in openssl? I will have to remember back to a
conversation at had at IETF 100...
Anyway error on the next step:
# openssl req -config $dir/openssl-root.cnf\
> -set_serial 0x$(openssl rand -hex $sn)\
> -keyform pem -outform pem\
> -key $dir/private/ca.key.pem -subj "$DN"\
> -new -x509 -days 7300 -extensions v3_ca\
> -out $dir/certs/ca.cert.pem
Enter pass phrase for /root/ca/private/ca.key.pem:
3064983568:error:1010F08A:elliptic curve routines:pkey_ecd_ctrl:invalid
digest type:crypto/ec/ecx_meth.c:801:
where dir=/root/ca
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
