Error when Creating a Code-Signing Certificate for the Espressif ESP32

tungnt wrote on January 20, 2019:

Hi,

I am following this instruction:
[https://docs.aws.amazon.com/freertos/latest/userguide/ota-code-sign-cert-esp.html]

And I got an error in 2nd step:


$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve -outform PEM -out ecdsasigner.key
parameter setting error
140736032478152:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:/BuildRoot/Library/Caches/com.apple.xbs/Sources/libressl/libressl-22.50.2/libressl/crypto/evp/pmeth_lib.c:410:
$ openssl version
LibreSSL 2.2.7
$ ls -a
.           ..          cert_config

Did anyone face this problem before?

I encountered this problem too. It seems to be a problem with the openssl library that is preinstalled on your system. Here’s what worked for me:

  1. Install homebrew (if you haven’t already)
  2. brew install openssl
  3. Run brew --prefix openssl to get the location of the binary you just installed (for me this was /usr/local/opt/openssl@1.1/bin/openssl)
  4. Run the genpkey command using the path to the binary /usr/local/opt/openssl@1.1/bin/openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve -outform PEM -out ecdsasigner.key
1 Like