Creating an ECDSA Certificate
Creating an ECDSA Certificate
There are two steps in creating an ECDSA certificate:
- First step is performed by the party that wants the certificate.
- Second step is performed by the Certificate Authority (CA) that creates the certificate.
Step 1
Step one is creating the certificate request. The certificate request will then be sent to the CA that verifies the request and creates the certificate from the request. The command that creates the certificate request also creates a private key. The private key must be secured so that only the entity identified by the certificate request has read access.
The following Universal Certificate command creates:
- Certificate request, which it writes it to file req.pem
- Private key, which it writes it to file pkey.pem
ucert -create request -request_file req.pem -private_key_file pkey.pem -private_key_type EC -country US -state Maryland -locality Baltimore -organization "Acme, Inc." -common_name "Joe Buck"
Step 2
Step two is for the CA to create a certificate from the request and sign it with the CA's private key.
The following Universal Certificate command creates the certificate and writes it to file cert.pem.
ucert -create cert -request_file req.pem -cert_file cert.pem -private_key_file cakey.pem -ca_cert_file cacert.pem