diff --git a/scripts/gentls_cert.in b/scripts/gentls_cert.in
index 49b3940d5d..f2e4cd5a99 100644
--- a/scripts/gentls_cert.in
+++ b/scripts/gentls_cert.in
@@ -87,8 +87,9 @@ setup_ca() {
 		"${CONFDIR}/CA/config.tpl" \
 			> "${TMPFILE}.cfg" || exit 1
 
+	openssl ecparam -name secp160r2 -out CA_CURVE.pem
 	openssl req -out "${CONFDIR}/CA/cacert.pem" \
-		-new -x509 -keyout "${CONFDIR}/CA/cakey.pem" \
+	        -new -x509 -keyout "${CONFDIR}/CA/cakey.pem" -newkey ec:CA_CURVE.pem \
 		-config "${TMPFILE}.cfg" -nodes -days ${DAYS} -sha1 >/dev/null || exit 1
 	cat "${CONFDIR}/CA/cacert.pem" > "${CONFDIR}/cafile.pem"
 	cp $TMPFILE.cfg /tmp/ssl.cfg
@@ -130,7 +131,7 @@ generate_cert() {
 			> "${TMPFILE}.cfg" || exit 1
 
 	openssl req -new -out "${TMPFILE}.req" \
-		-newkey rsa:${KEY_SIZE} -keyout "${TMPFILE}.key" \
+	        -newkey ec:CA_CURVE.pem -keyout "${TMPFILE}.key" \
 		-config "${TMPFILE}.cfg" -nodes -sha1 >/dev/null || exit 1
 
 	openssl x509 -req -CAkey "${CONFDIR}/CA/cakey.pem" -CA "${CONFDIR}/CA/cacert.pem" -CAcreateserial \
@@ -156,7 +157,6 @@ remove_ca() {
 }
 OUTFILESET="0"
 command="$1"
-shift
 
 while [ $# -gt 0 ]; do
 	case $1 in