
How to Enable Elliptic Curve Cryptography (ECC) TLS/SSL

Posted on March 28, 2014

I want to use TLS/SSL on my website (VPS is CentOS with a LAMP stack), but I want to use Elliptic Curve Cryptography for the cipher and sha256 (or other SHA-2 algorithm) for the signature hash algorithm. I am currently using RSA with SHA256, but want to change.

I know that TLS/SSL includes the cipher/security algorithm (like RSA or ECC) together with a signature hash algorithm (SHA-1, or one of the SHA-2 algorithms), and I know that RSA with SHA-1 is the most common currently.

I am using TLS/SSL with RSA and sha256, but it fails when I attempt to apply an ECC TLS. Please help.

I create my ECC private key and CSR with these OpenSSL commands:

openssl ecparam -genkey -text -name secp521r1 -out example-ecc.key
openssl req -new -key example-ecc.key -sha256 -out example-ecc.csr

I got the TLS/SSL Certificate back from a CA, and modified the .conf file to change from the RSA cert to the ECC cert, but then Apache won’t start.




Hi Larry,

Could you post the error messages you log when Apache fails to start?
