ELLIPTIC_CURVE - Universal Certificate configuration option
Description
The ELLIPTIC_CURVE option specifies the name of the Elliptic Curve used to generate the EC (Elliptical Curve) keys upon creating a certificate request. This option only applies if the PRIVATE_KEY_TYPE is set to EC.
Usage
Method | Syntax | IBM i | HP NonStop | UNIX | Windows | z/OS |
---|---|---|---|---|---|---|
Command Line, Short Form | -S name | |||||
Command Line, Long Form | -elliptic_curve name | |||||
Environment Variable | UCRELLIPTICCURVE=name |
Values
name is the Elliptic Curve name supported by OpenSSL.
Valid values for name are:
- secp112r2 (110 bit key; equivalent to 512 bit RSA key)
- secp160r1 (161 bit key; equivalent to 1024 bit RSA key)
- secp224k1 (225 bit key; equivalent to 2048 bit RSA key)
- prime256v1 (256 bit key; equivalent to 3072 bit RSA key)
- secp384r1 (384 bit key; equivalent to 7680 bit RSA key)
Default is prime256v1.