On Wed, May 28, 2014, Sverre Moe wrote: > I found something quite peculiar with my ECC Certificate from DigiCert. > > Signature algorithm used in this Certificate: > Shown in Chromium: > PKCS #1 SHA-256 with RSA-encryption > Output in a Java program with debugging -Djava.net.debug=ssl: > Algorithm: [SHA256withRSA] > > > Shouldn't it actually be SHA256withECDSA used as Signing Algorithm for the > certificate? >
Not necessarily. The signature on a certificate is made using the key of its parent CA. So that means that the parent CA uses an RSA key and not an ECDSA key. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
