Create a test file: $ echo testing > testsign.txt $ cat testsign.txt testing 2.
Run the following command to generate a signature using a private key for the testsign.txt file: $ openssl dgst -ecdsa-with-SHA1 -sign eccprivatekey.pem testsign.txt > ecsign.bin 3.
Smaller Keys, Stronger Security (Part 2)
Finally, the command for verification can be run as shown here: $ openssl dgst -ecdsa-with-SHA1 -verify eccpublickey.pem -signature ecsign.bin testsign.txt Verified OK A certificate can also be produced by using the private key generated earlier by using the following command: $ openssl req -new -key eccprivatekey.pem -x509 -nodes -days 365 -out ecccertificate.pem This command will produce the output similar to the one shown here.
Enter the appropriate parameters to generate the certificate: You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank.
Organizational Unit Name (eg, section) []:NA Common Name (e.g.
ECDSA using OpenSSL First, the private key is generated using the following commands: $ openssl ecparam -genkey -name secp256k1 -noout -out eccprivatekey.pem $ cat eccprivatekey.pem —–BEGIN EC PRIVATE KEY—– MHQCAQEEIMVmyrnEDOs7SYxS/AbXoIwqZqJ+gND9Z2/nQyzcpaPBoAcGBSuBBAAK oUQDQgAEEKKS4E4+TATIeBX8o2J6PxKkjcoWrXPwNRo/k4Y/CZA4pXvlyTgH5LYm QbU0qUtPM7dAEzOsaoXmetqB+6cM+Q== —–END EC PRIVATE KEY—– Next, the public key is generated from the private key: $ openssl ec -in eccprivatekey.pem -pubout -out eccpublickey.pem read EC key writing EC key $ cat eccpublickey.pem —–BEGIN PUBLIC KEY—– MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEEKKS4E4+TATIeBX8o2J6PxKkjcoWrXPw NRo/k4Y/CZA4pXvlyTgH5LYmQbU0qUtPM7dAEzOsaoXmetqB+6cM+Q== —–END PUBLIC KEY—– Now, suppose a file named testsign.txt needs to be signed and verified. This can be achieved as follows: 1. Create a test file: $ echo testing > testsign.txt $ cat testsign.txt testing 2. Run the following command to generate a signature using a private key for the testsign.txt file: $ openssl dgst -ecdsa-with-SHA1 -sign eccprivatekey.pem testsign.txt > ecsign.bin 3. Finally, the command for verification can be run as shown here: $ openssl dgst -ecdsa-with-SHA1 -verify eccpublickey.pem -signature ecsign.bin testsign.txt Verified OK A certificate can also be produced by using the private key generated earlier by using the following command: $ openssl req -new -key eccprivatekey.pem -x509 -nodes -days 365 -out ecccertificate.pem This command will produce the output similar to the one shown here. Enter the appropriate parameters to generate the certificate: You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank. —– Country Name (2 letter code) [AU]:GB State or Province Name (full name) [Some-State]:Cambridge Locality Name (eg, city) []:Cambridge Organization Name (eg, company) [Internet Widgits Pty Ltd]:Dr.Equinox! Organizational Unit Name (eg, section) []:NA Common Name (e.g. server FQDN or YOUR name) []:drequinox Email Address []:drequinox@drequinox.com The certificate can be explored using the following command: $ openssl x509 -in ecccertificate.pem -text -noout The following output shows the certificate:
Why This Matters for Blockchain Technology
Understanding ECDSA using OpenSSL is not just an academic exercise — it has real-world implications for how blockchain systems are designed, deployed, and secured. Whether you are a developer building decentralized applications, a business leader evaluating blockchain adoption, or a curious learner exploring the technology, this knowledge provides a critical foundation.
Key Points to Remember
- Create a test file: $ echo testing > testsign.txt $ cat testsign.txt testing 2.
- Run the following command to generate a signature using a private key for the testsign.txt file: $ openssl dgst -ecdsa-with-SHA1 -sign eccprivatekey.pem testsign.txt > ecsign.bin 3.
- Enter the appropriate parameters to generate the certificate: You are about to be asked to enter information that will be incorporated into your certificate request.
- What you are about to enter is what is called a Distinguished Name or a DN.
Conclusion
ECDSA using OpenSSL represents one of the many innovative layers that make blockchain technology so powerful and transformative. As distributed systems continue to evolve, a solid understanding of these core concepts becomes increasingly valuable — not just for developers, but for anyone building, investing in, or working alongside blockchain-powered systems.
Whether you are just starting your blockchain journey or deepening existing expertise, mastering these fundamentals gives you the tools to think clearly about decentralized systems and make smarter decisions in this rapidly evolving space.