If you haven’t chosen a curve, you can list them with this command:
openssl ecparam -list_curves
I picked secp256r1
for this example. Use this to generate an EC private key if you don’t have one already:
openssl ecparam -out ec_key.pem -name secp256r1 -genkey
And then generate the certificate. Your certificate will be in cert.pem
.
openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem
See also: req, ecparam