I need to update a CA that is about to expire, is currently using
Algorithm of signature 256WithRSAEncryption and I'm thinking of using
ecdsa-con-SHA256 with something like:
openssl req -x509 -nodes -days 3650 -newkey ec: <(openssl ecparam -name prime256v1) -closed certs / CA.pem -out certs / CA.crt -subj "/ CN = myCA"
In addition to updating, recreating existing certificates, I wonder if there is anything that I should take care of when using