msol

a blog made of words

Create a self-signed ECC certificate

Mike Solomon

Self-signed certificates and Elliptic Curve Cryptography

There are many reasons to self-sign SSL certificates, but I find them particularly useful for staging sites and in the early stages of a project.

I have a three command guide to self-signing an SSL certificate if you aren’t interested in ECC.

If you are interested in ECC, you may know that the main reason for using elliptic curves as the basis for communication over SSL is the small key size – where regular DSA would require 1024 bits, ECDSA (the elliptic-curve variant of DSA) would require about 160 bits. The computational power required for communication over ECDSA is also less.

This is only likely to matter in embedded systems or other highly-constrained environments.

If you are considering specifically using an ECDSA certificate like the one generated here with OpenSSL, it is probably worth reading a more detailed description by Bruce Schneier.

If you are sure you want an ECC-based certificate, doing so is just as easy as any other self-signed certificate with OpenSSL, provided that your version supports ECDSA. The commands below have been verified to work on OSX 10.8.

OpenSSL commands

openssl ecparam -genkey -name prime256v1 -out key.pem
openssl req -new -sha256 -key key.pem -out csr.csr
openssl req -x509 -sha256 -days 365 -key key.pem -in csr.csr -out certificate.pem
openssl req -in csr.csr -text -noout | grep -i "Signature.*SHA256" && echo "All is well" || echo "This certificate will stop working in 2017! You must update OpenSSL to generate a widely-compatible certificate"

The first command is the only one specific to elliptic curves. It generates a private key using a standard elliptic curve over a 256 bit prime field. You can list all available curves using

openssl ecparam -list_curves

or you can use prime256v1 as I did.

The second command generates a Certificate Signing Request and the third generates a self-signed x509 certificate suitable for use on web servers.

The check at the end ensures you will be able to use your certificate beyond 2016. OpenSSL on OS X is currently insufficient, and will silently generate a SHA-1 certificate that will be rejected by browsers in 2017. Update using your package manager, or with Homebrew on a Mac and start the process over.

More on ECC

If you’re interested in elliptic curve cryptography, Wikipedia has a good introduction that includes the math behind it, as well as more specific information on ECDSA in particular. As usual, there are good links from there to learn more.