Is it possible to configure Apache2 to use elliptic curve crypto (ecc) with SSL? This bug https://issues.apache.org/bugzilla/show_bug.cgi?id=40132 appears (to me) to indicate that this is supported, but I can't find any instructions anywhere.
Apache2 – SSL with ECC Configuration
apache-2.2mod-sslSecurity
Best Answer
Apache supports ECC Certificates and Protocols as of version 2.2.26. Though if you are using an Apache server from a distro's repository it may be the same version. Ubuntu for example added support in version 2.2.22-1ubuntu1.9.
If you have a version that supports ECC certificates, it should be enabled by default. Assuming you're using OpenSSL, the commands to generate an ECC key and CSR are:
ECC P-256 Key:
ECC CSR:
The installation steps for ECC certs in Apache are identical to RSA. You'd still specify the public key entry, private key entry, and the relevant intermediates. Just double check that your CA supports the issuance of ECC certificates. You can double check ECC compatibility to address any concerns with connecting clients.