ecc is used for the public/private keys in openssh instead if RSA. also you must have a version of openSSL that supports ECC for it to work. both keys are modified slightly as they are both currently used.

# cat id_ecdsa.pub

**ecdsa-sha2-nistp256** AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAFJSNBBHt68UfLxSazUihGvq2/vDZhqoxr/kbZOKUqJvefajyexB9/7sCLnWPXraCa6nEcSplBpwAiOvKbJfrsp+h3HAE=

# openssl x509 -in cert.pem -text

Certificate:

Data:

Version: 3 (0x2)

Serial Number:

a5:19:d7:29:84:63

Signature Algorithm:

**ecdsa-with-SHA1**
Issuer: C=US, ST=SC, L=CHS, O=Internet Widgits Pty Ltd

Validity

Not Before: Apr 15 21:17:20 2011 GMT

Not After : Feb 2 21:17:20 2014 GMT

Subject: C=US, ST=SC, L=CHS, O=Internet Widgits Pty Ltd

Subject Public Key Info:

Public Key Algorithm: id-ecPublicKey

Public-Key: (256 bit)

pub:

04:a6:49:79:0f:ce:c6:19:ae:30:47:ee:dc:f9:bf:

1a:2f:2a:4a:27:e1:7a:8c:b3:64:47:11:24:66:65:

dc:08:93:92:0f:77:de:c0:5f:1b:21:26:69:58:ff:

81:dd:0d:d1:c8

ASN1 OID:

**prime256v1**
X509v3 extensions:

X509v3 Subject Key Identifier:

CA:CE:04:18:F9:51:6E:E3:C9:E3:57:9D:90:BB:F3

3

X509v3 Authority Key Identifier:

keyid:CA:CE:04:18:F9:51:72:C9:E3:57:9D:90:BB:F3

3

X509v3 Basic Constraints:

CA:TRUE

Signature Algorithm:

**ecdsa-with-SHA1**
30:46:02:21:00:ae:a0:1b:04:04:3d:57:17:3f:2f:30:49:a6:

61:c0:bc:90:83:af:f7:e2:55:d1:9a:4c:02:b5:ae:94:d6:99:

27:e8:09:bb:b0:8e:bc:3f:66:c1:7e:40:96:d5:e3:31:90:f9

-----BEGIN CERTIFICATE-----

MIIB3DCCAYKgAwIBAgIJAKUZ1ymEY/1PMAkGByqGSM49BAEwSzELMAkGA1UEBhMC

VVMxCzAJBgNVBAgMAlNDMQwwCgYDVQQHDANDSFMxITAfBgNVBAoMGEludGVybmV0

IFdpZGdpdHMgUHR5IEx0ZDAeFw0xMTA0MTUyMTE3MjBaFw0xNDAyMDIyMTE3MjBa

VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWTATBgcqhkjOPQIBBggqhkjO

l6JtrNwIk5IPd97AXxshJmlY/4HdDdHIo1AwTjAdBgNVHQ4EFgQUys4EGPlRbuPe

GUNyyeNXnZC789MwHwYDVR0jBBgwFoAUys4EGPlRbuPeGUNyyeNXnZC789MwDAYD

VR0TBAUwAwEB/zAJBgcqhkjOPQQBA0kAMEYCIQCuoBsEBD1XFz8vMEmmYcC8kIOv

9+JV0ZpMArWulNaZKwIhANZJDtHLu4LnUCvz1BxAJ+gJu7COvD9mwX5AltXjMZD5

-----END CERTIFICATE-----

ECC if different because ecc supports many different ciphers.

# openssl ecparam -list_curves

secp112r1 : SECG/WTLS curve over a 112 bit prime field

secp112r2 : SECG curve over a 112 bit prime field

secp128r1 : SECG curve over a 128 bit prime field

secp128r2 : SECG curve over a 128 bit prime field

secp160k1 : SECG curve over a 160 bit prime field

secp160r1 : SECG curve over a 160 bit prime field

secp160r2 : SECG/WTLS curve over a 160 bit prime field

secp192k1 : SECG curve over a 192 bit prime field

secp224k1 : SECG curve over a 224 bit prime field

secp224r1 : NIST/SECG curve over a 224 bit prime field

secp256k1 : SECG curve over a 256 bit prime field

secp384r1 : NIST/SECG curve over a 384 bit prime field

secp521r1 : NIST/SECG curve over a 521 bit prime field

prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field

prime192v2: X9.62 curve over a 192 bit prime field

prime192v3: X9.62 curve over a 192 bit prime field

prime239v1: X9.62 curve over a 239 bit prime field

prime239v2: X9.62 curve over a 239 bit prime field

prime239v3: X9.62 curve over a 239 bit prime field

prime256v1: X9.62/SECG curve over a 256 bit prime field

sect113r1 : SECG curve over a 113 bit binary field

sect113r2 : SECG curve over a 113 bit binary field

sect131r1 : SECG/WTLS curve over a 131 bit binary field

sect131r2 : SECG curve over a 131 bit binary field

sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field

sect163r1 : SECG curve over a 163 bit binary field

sect163r2 : NIST/SECG curve over a 163 bit binary field

sect193r1 : SECG curve over a 193 bit binary field

sect193r2 : SECG curve over a 193 bit binary field

sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field

sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field

sect239k1 : SECG curve over a 239 bit binary field

sect283k1 : NIST/SECG curve over a 283 bit binary field

sect283r1 : NIST/SECG curve over a 283 bit binary field

sect409k1 : NIST/SECG curve over a 409 bit binary field

sect409r1 : NIST/SECG curve over a 409 bit binary field

sect571k1 : NIST/SECG curve over a 571 bit binary field

sect571r1 : NIST/SECG curve over a 571 bit binary field

c2pnb163v1: X9.62 curve over a 163 bit binary field

c2pnb163v2: X9.62 curve over a 163 bit binary field

c2pnb163v3: X9.62 curve over a 163 bit binary field

c2pnb176v1: X9.62 curve over a 176 bit binary field

c2tnb191v1: X9.62 curve over a 191 bit binary field

c2tnb191v2: X9.62 curve over a 191 bit binary field

c2tnb191v3: X9.62 curve over a 191 bit binary field

c2pnb208w1: X9.62 curve over a 208 bit binary field

c2tnb239v1: X9.62 curve over a 239 bit binary field

c2tnb239v2: X9.62 curve over a 239 bit binary field

c2tnb239v3: X9.62 curve over a 239 bit binary field

c2pnb272w1: X9.62 curve over a 272 bit binary field

c2pnb304w1: X9.62 curve over a 304 bit binary field

c2tnb359v1: X9.62 curve over a 359 bit binary field

c2pnb368w1: X9.62 curve over a 368 bit binary field

c2tnb431r1: X9.62 curve over a 431 bit binary field

wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field

wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field

wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field

wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field

wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field

wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field

wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field

wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field

wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field

wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field

wap-wsg-idm-ecid-wtls12: WTLS curvs over a 224 bit prime field

when you generate the private key it has a extra section to specify the curve used

# cat key.pem

-----BEGIN EC PARAMETERS-----

**rRggqsdfgsdfgMssw==** << curve type

-----END EC PARAMETERS-----

-----BEGIN EC PRIVATE KEY-----

MHcCAQEEIGk7veSN5+1ApwDyep5Pxyrn/DJfPfEFIKxn6sdajfsdfsdffjjGSM49

aaaaaaaaQgAEpkl5DaskdlfjlksdfjlskdfjfjfjjLNkRxEkZmUrTqIE6uV07bMS

KZeibazcskdlfjsdlfksdlfjSZpWP+B3Q3RyA==

-----END EC PRIVATE KEY-----

__Its fine to use with SSH currently but i would not recommend it for SSL certs for a web server yet. As only a custom beta build of chrome supports ECC SSL certificates. Most browsers do not know how to handle it yet. Apache must also be patched to handle ECC__