Benjamin Peterson added the comment:
ECC certs using named curves have to have the OPENSSL_EC_NAMED_CURVE flag set.
Pass -pkeyopt ec_param_enc:named_curve to the openssl req.
--
nosy: +benjamin.peterson
resolution: -> not a bug
status: open -> closed
__
New submission from Evgeny Kapun:
I tried to use ssl module to create a server with a certificate that uses an
ECC key. However, this didn't work. Here is how to reproduce this:
First, generate a key and a certificate:
$ openssl req -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -x509
-
