I use below command openssl ecparam -out key.pem -name prime256v1 -genkey. I am using another 3rd Party tool SIPp. Below is the method that sets the SSL CTX
ssl_init_status FI_init_ssl_context (void) { sip_trp_ssl_ctx = SSL_CTX_new( TLSv1_method() ); if ( sip_trp_ssl_ctx == NULL ) { ERROR("FI_init_ssl_context: SSL_CTX_new with TLSv1_method failed"); return SSL_INIT_ERROR; } sip_trp_ssl_ctx_client = SSL_CTX_new( TLSv1_method() ); if ( sip_trp_ssl_ctx_client == NULL) { ERROR("FI_init_ssl_context: SSL_CTX_new with TLSv1_method failed"); return SSL_INIT_ERROR; } /* Load the trusted CA's */ SSL_CTX_load_verify_locations(sip_trp_ssl_ctx, tls_cert_name, NULL); SSL_CTX_load_verify_locations(sip_trp_ssl_ctx_client, tls_cert_name, NULL); /* CRL load from application specified only if specified on the command line */ if (strlen(tls_crl_name) != 0) { if(sip_tls_load_crls(sip_trp_ssl_ctx,tls_crl_name) == -1) { ERROR("FI_init_ssl_context: Unable to load CRL file (%s)", tls_crl_name); return SSL_INIT_ERROR; } if(sip_tls_load_crls(sip_trp_ssl_ctx_client,tls_crl_name) == -1) { ERROR("FI_init_ssl_context: Unable to load CRL (client) file (%s)", tls_crl_name); return SSL_INIT_ERROR; } /* The following call forces to process the certificates with the */ /* initialised SSL_CTX */ SSL_CTX_set_verify(sip_trp_ssl_ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, sip_tls_verify_callback); SSL_CTX_set_verify(sip_trp_ssl_ctx_client, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, sip_tls_verify_callback); } /* Selection Cipher suits - load the application specified ciphers */ SSL_CTX_set_default_passwd_cb_userdata(sip_trp_ssl_ctx, (void *)CALL_BACK_USER_DATA ); SSL_CTX_set_default_passwd_cb_userdata(sip_trp_ssl_ctx_client, (void *)CALL_BACK_USER_DATA ); SSL_CTX_set_default_passwd_cb( sip_trp_ssl_ctx, passwd_call_back_routine ); SSL_CTX_set_default_passwd_cb( sip_trp_ssl_ctx_client, passwd_call_back_routine ); if ( SSL_CTX_use_certificate_file(sip_trp_ssl_ctx, tls_cert_name, SSL_FILETYPE_PEM ) != 1 ) { ERROR("FI_init_ssl_context: SSL_CTX_use_certificate_file failed"); return SSL_INIT_ERROR; } if ( SSL_CTX_use_certificate_file(sip_trp_ssl_ctx_client, tls_cert_name, SSL_FILETYPE_PEM ) != 1 ) { ERROR("FI_init_ssl_context: SSL_CTX_use_certificate_file (client) failed"); return SSL_INIT_ERROR; } if ( SSL_CTX_use_PrivateKey_file(sip_trp_ssl_ctx, tls_key_name, SSL_FILETYPE_PEM ) != 1 ) { ERROR("FI_init_ssl_context: SSL_CTX_use_PrivateKey_file failed"); return SSL_INIT_ERROR; } if ( SSL_CTX_use_PrivateKey_file(sip_trp_ssl_ctx_client, tls_key_name, SSL_FILETYPE_PEM ) != 1 ) { ERROR("FI_init_ssl_context: SSL_CTX_use_PrivateKey_file (client) failed"); return SSL_INIT_ERROR; } return SSL_INIT_NORMAL; } Thanks in Advance Regards Darshan -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt Caswell Sent: Sunday, May 25, 2014 6:31 PM To: openssl-users@openssl.org Subject: Re: SSL_CTX_use_PrivateKey_file On 25/05/14 13:11, Mody, Darshan (Darshan) wrote: > Hi, > > > > When I try to read the EC Private Key file I get an error from the > openssl. > > > > Is there another way to use the Elliptic curved Private key. Please > note that I generate the Public and Private keys via the command lines > and use the public-private key in my program > I think we need a bit more to go on. Can you post the commands you used to generate your keys, the error you are getting, and the code you are using to read the private key? Thanks Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org