Key generation requirements for TLS ECDHE-ECDSA-AES128-GCM-SHA256

悲哀的现实 2020-12-29 12:23

I was wondering if there are minimum key-generation requirements for ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-ECDSA-AES128-GCM-SHA256? I am trying to get a TLS client and se

1 answer
  • 2020-12-29 13:03

    You are making the wrong kind of key with

     openssl genrsa -out ca-key.pem 4096

    You need to use ecparam

    openssl ecparam -name secp521r1 -out ca-key.pem -genkey

    and

    openssl ecparam -name secp521r1 -out client-key.pem -genkey

    genrsa generates an RSA key that, when used with ECDHE, authenticates the Elliptic Curve Diffie-Hellman Key Exchange (ECDHE).

    The ECDSA in ECDHE-ECDSA-AES128-GCM-SHA256 means you need the Elliptic Curve Digital Signature Algorithm to authenticate that key. Because you don't have that kind of key, the command fails. However, ECDHE-RSA-AES256-GCM-SHA384 works because it uses RSA keys, which you have.

    You are getting sha384 because openssl picks the strongest cipher suite and all things being equal sha384 is better than sha256. You can override this, and it looks like you did so with --cipher.

    Note you may want to use a different curve. You can get the full list with

    openssl ecparam -list_curves

    Out of curiosity, why that specific cipher suite? ECDHE and ECDSA are state of the art, but sha256 is just standard, and, well, AES 128 is certainly good enough; people tend to use 256 if they are being as cautious as the ECDHE and ECDSA stuff implies.

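As an added example (not part of the answer above), a shell script that makes the mismatch the answer describes visible before a handshake is attempted: it generates a genrsa key and an ecparam key, reads the public-key algorithm out of each (and out of a certificate issued from the EC key), and compares it with the Au= field that openssl reports for the cipher suite. It assumes only the openssl command-line tool; the file names are temporary and the RSA key size is just a sample value.

```shell
#!/bin/sh
# Added example (not from the thread above): confirm that a key or certificate
# uses the public-key algorithm that a cipher suite's Au= field requires.
# Assumes only the openssl CLI; all file names are temporary and constructed.
set -eu
command -v openssl >/dev/null 2>&1 || { echo "openssl not installed" >&2; exit 0; }

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# The authentication algorithm openssl lists for a suite (e.g. ECDSA, RSA).
# Matching on the first field skips the TLS 1.3 suites (Au=any) that newer
# openssl versions print in front of the requested suite.
suite_auth() {
    openssl ciphers -v "$1" | awk -v s="$1" \
        '$1 == s { for (i = 1; i <= NF; i++) if (sub(/^Au=/, "", $i)) print $i }'
}

# First OBJECT in a PEM SubjectPublicKeyInfo read from stdin:
# id-ecPublicKey for EC keys, rsaEncryption for RSA keys.
spki_algorithm() {
    openssl asn1parse | sed -n 's/.*OBJECT *:\(.*\)/\1/p' | head -n 1
}
key_algorithm()  { openssl pkey -in "$1" -pubout | spki_algorithm; }
cert_algorithm() { openssl x509 -in "$1" -noout -pubkey | spki_algorithm; }

# Succeeds when a key algorithm ($1) can authenticate suite $2.
key_matches_suite() {
    case "$(suite_auth "$2")" in
        ECDSA) [ "$1" = id-ecPublicKey ] ;;
        RSA)   [ "$1" = rsaEncryption ] ;;
        *)     false ;;
    esac
}

# The two kinds of key from the thread: genrsa (wrong for ECDHE-ECDSA) and ecparam.
openssl genrsa -out "$WORK/rsa-key.pem" 2048 2>/dev/null
openssl ecparam -name secp521r1 -genkey -noout -out "$WORK/ec-key.pem"
openssl req -new -x509 -key "$WORK/ec-key.pem" -subj /CN=example-ca -days 1 \
    -out "$WORK/ec-ca.pem" 2>/dev/null

for key in rsa-key ec-key; do
    alg=$(key_algorithm "$WORK/$key.pem")
    for suite in ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384; do
        if key_matches_suite "$alg" "$suite"; then verdict=ok; else verdict=MISMATCH; fi
        printf '%-8s %-14s %-29s %s\n' "$key" "$alg" "$suite" "$verdict"
    done
done
```

The same cert_algorithm check on an existing server certificate tells you which Au= family its cipher suites must come from.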