OpenSSL Generate ECDH Public Key

I am trying to use the OpenSSL command line to generate a ECDH public key that meets the following specifications:

Use a Base64 encoded X.509 SubjectPublicKeyInfo structure containing a ECDH public key for group P256

They following commands provide me with a key:

openssl ecparam -name prime256v1 -out prime256v1.pem openssl ecparam -in prime256v1.pem -genkey -noout -out prime256v1-key.pem openssl ec -in prime256v1-key.pem -pubout -out pubkey.pem  Key: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE85KGK3YiX7tC7mFm+Te1xRYOeDq23h80MPPt1nMZ/ZRpwjRGPEUr6vaoOCB8QC3uHmaPKOAgQ0Kk9Sc4M1QUmA== 

However this key is not being accepted by the API I am accessing.

An example key that is working is:


This example key is 44 (Base64) bytes shorter and has a slightly different SubjectPublickKeyInfo signature.

My question is what is the difference between these two keys and how could I use the OpenSSL command line tools to generate such a key pair.


Category: openssl Time: 2016-07-28 Views: 1

Related post

  • How to supply OpenSSL generated Private & Public Keys to iOS & Android apps? 2012-06-12

    The problem statement is: To supply clients on a network with individual Private & Public keys generated on a Server over the wire(over a HTTPS connection after they are registered). The clients are iOS & Android apps, and the server is generating

  • generate RSA public key having public modulus and exponent 2015-09-29

    i want to generate an RSA public public key file using openssl (or other tools) having public modulus and exponent, so i can use it later to encrypt files i have this: the modulus: "BEB90F8AF5D8A7C7DA8CA74AC43E1EE8A48E6860C0D46A5D690BEA082E3A74E1&quo

  • TLS 1.2 Handshake: How is the ECDHE public key signed by server? 2015-01-23

    I am dealing with a situation where a cipher option, such as ECDHE-ECDSA-AES128-SHA, is chosen for establishing a TLS connection. In this case, a server, when sending the ServerKeyExchange message to the client, is required to sign the ephemeral (EC)

  • Preventing someone to generate a public key from a private one? 2016-06-08

    From what I read, encryption algorithms such as RSA permits to generate the public key from the private one. Long story short, for a thesis I'm writing, I thought to solve a security issue with users editing data maliciously by giving away the privat

  • Generate a public key certificate signed by CA with OpenSSL 2014-07-04

    I am working on a webservice that requires a signature in the sent and received messages. After sending a certificate request to the entity that will consume the webservice, they sent me (in addition to their public key) 3 certificate authority certi

  • generating private-public keys using ssh-keygen in unix 2011-02-14

    i want to generate a public- private key on sever 1 and store it a location which is not the default location. then save the public key on server 2 NOT at the default location. then make this key an authorised key. i cannot find authorised_keys file

  • Reuse of a DH / ECDH public key 2013-10-13

    I was wondering whether it is safe to use the same DH or ECDH key pair in more than one key agreement, particularly if these public keys are in a public registry. These public keys could be used by your counterparts (who also have their public keys i

  • Unable to generate ssh public key when installing Redmine 2014-03-20

    I am trying to set up a Redmine on my server, and I am following THIS setup guide. I have used this guide before on my VPS and it worked perfectly however on this server I get following error when I try to generate public key. aristotle:~# sudo su -

  • How to generate a public key from a private ECDSA key? 2012-12-18

    Having some specific ECDSA curve and a private key, how does one calculate the public key? I am having a hard time finding the algorithm and equations for it. --------------Solutions------------- The write up on Wikipedia is pretty good. I won't go i

  • How do I convert a ssh-keygen public key into a format that openssl PEM_read_bio_RSA_PUBKEY() function will consume? 2011-12-15

    I'm having an issue generating a public key that the openssl PEM_read_bio_RSA_PUBKEY() function can consume. I keep getting errors. Obviously I cannot simply use the ASCII string in the ssh-keygen <>.pub key file as it is in SSH file format or I per

  • How to exctract ECDH parameters from an OpenSSL-generated $G$? 2015-10-03

    I'm using ECDH for generating ECDH public parameters (p,a,b,G,n), I try to get this values using openssl ecparam -in cert.pem -text -noout For Generator $G=(x,y)$ I get : Generator (uncompressed): 04:aa:87:ca:22:be:8b:05:37:8e:b1:c7:1e:f3:20: ad:74:6

  • How can I generate some public and private keys on both sides with low overhead? 2014-07-27

    We have an Authority Center (CA) generating some public and private keys for each client (more than one pair for each client). One method for sending keys to client is sharing a secret key between CA and client, and then sending key pairs and certifi

  • Generate public key from private key 2014-09-01

    Can we generate a public key from a private key? --------------Solutions------------- By default, a user's SSH keys are stored in that user's ~/.ssh directory. You can check if your private key is in that directory by listing the contents: $ cd ~/.ss

  • Why is the private key generated first in public key crypto? 2015-01-05

    I'm still new to public key crypto. I'm trying to understand how it is that the private key is generated first in public key crypto? I would have expected the private and public key to be generated at the same time, as they would depend on each other

  • Who is responsible for generating public key during secure communication? 2016-07-22

    This must be easy but I am getting a little confused. Say,, it has a certificate which is signed by an intermediary CA. Who generated that public key that I can see in facebook certificate? Is it generated by Facebook or that intermediar

  • OpenSSL generate different types of self signed certificate 2013-10-22

    Does anyone know how to use OpenSSL to generate certificates for the following public key types: DSA - For DHE_DSS key exchange. Diffie-Hellman - For DH_DSS and DH_RSA key exchange. ECDH - For ECDH_ECDSA and ECDH_RSA key exchange. ECDSA - For ECDHE_E

  • Install gitolite without needing public key(s)? 2011-11-17

    All of our developers run Windows workstations. We run a Linux development server. I've been wanting to try out running our own git server on the dev server. After some research I've settled on trying to install gitolite. A lot of the tutorials on ho

  • RSA encryption : How to create ".arm" certificate file for Public key? 2012-08-20

    I am required to store a certificate as ".arm" file only for a public key that is intended for use in RSA Encryption. I am currently able to generate the public key as ".key" file. P.S I am new to encryption so, this may be a basic que

  • Make the public key unrecoverable given the private key 2013-02-12

    OpenSSL seems to bundle the private key together with the public key when it produces .pem files. Is there a way to prevent this from happening; i.e. prevent OpenSSL from creating a .pem private key with the public key in it? According to Wikipedia R

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 0.696 (s). 13 q(s)