这似乎是您想要的命令：

openssl req -new -x509 -nodes -newkey ec:<(openssl ecparam -name secp384r1) -keyout cert.key -out cert.crt -days 3650

利用 -pkeyopt

openssl req -x509 -nodes -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 -keyout ecdsa.pem -out mycert.crt -days 30

根据人的要求：

OPTIONS
       -pkeyopt opt:value
           set the public key algorithm option opt to value. The precise set of options supported depends on the public key algorithm used and its implementation. See KEY GENERATION OPTIONS in the genpkey manual page for more details.

然后看一下 man genpkey：

EC PARAMETER GENERATION OPTIONS
       The EC parameter generation options below can also be supplied as EC key generation options. This can (for example) generate a key from a named curve without the need to use an explicit parameter file.

       ec_paramgen_curve:curve
           the EC curve to use. OpenSSL supports NIST curve names such as "P-256".

       ec_param_enc:encoding
           the encoding to use for parameters. The "encoding" parameter must be either "named_curve" or "explicit".

openssl ecparam -name secp521r1 -genkey -param_enc explicit -out private-key.pem
openssl req -new -x509 -key private-key.pem -out server.pem -days 730

使用 OpenSSL 创建自签名 ECDSA SSL 证书对我有用。

您可以在生成后测试证书，如下所示。

openssl ecparam -in private-key.pem -text -noout

使用备用主题名称创建 ECC secp384r1 密钥 + CSR 的一个班轮：

export FQDN="www.example.com" ; export FQDNA="DNS.1=$FQDN, DNS.2=example.com, DNS.3=es.example.com, DNS.4=it.example.com, DNS.5=pt.example.com, DNS.6=de.example.com, DNS.7=fr.example.com" ; openssl req -new -nodes -newkey ec:<(openssl ecparam -name secp384r1 -rand /dev/urandom) -keyout $FQDN.secp384r1.key -out $FQDN.secp384r1.csr -subj "/C=US/ST=Minnesota/L=Minneapolis/O=Me and my Feast/OU=IT Dept./CN=$FQDN/subjectAltName=$FQDNA"