If you have a look at a certificate encrypting google.com it advertises a 256-bit ECC key with ECDSA_P256
parameter. The signature algorithm is sha256RSA. I've been trying to achieve something similar by running the below set of commands, but since the -digest
parameter I use is -sha256
the result is always sha256ECDSA signature algorithm. So the question is - how Google did that and is that achievable with OpenSSL (1.1.1k)?
Is it a result of the fact that their cert is signed by a CA cert that is RSA and not ECDSA (while mine is a self-signed ECDSA root cert)?
openssl genpkey -genparam -out ./hmca-ec.param -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1
openssl genpkey -paramfile ./hmca-ec.param -out ./hmca-ec.key -pass pass:"pass" -aes-256-ecb
openssl req -x509 -new -key ./hmca-ec.key -sha256 -days 365 \
-config ./hmca.conf -reqexts SAN -extensions SAN -out ./hmca-ec.crt
conf file (if it matters) looks like this:
[req]
distinguished_name = dirsect
x509_extensions = SAN
req_extensions = SAN
prompt = no
[SAN]
subjectKeyIdentifier=hash
subjectAltName = dirName:dirsect
extendedKeyUsage = serverAuth, clientAuth
basicConstraints = CA:TRUE
keyUsage = critical, digitalSignature, keyAgreement, keyCertSign
[dirsect]
C = US
O = a
CN = b