diff --git a/lib/puppet/provider/ssl_pkey/openssl.rb b/lib/puppet/provider/ssl_pkey/openssl.rb
index 2007b49..35d5ea2 100644
--- a/lib/puppet/provider/ssl_pkey/openssl.rb
+++ b/lib/puppet/provider/ssl_pkey/openssl.rb
@@ -14,7 +14,7 @@ def self.generate_key(resource)
     when :rsa
       OpenSSL::PKey::RSA.new(resource[:size])
     when :ec
-      OpenSSL::PKey::EC.new(resource[:curve]).generate_key
+      OpenSSL::PKey::EC.generate(resource[:curve])
     else
       raise Puppet::Error,
             "Unknown authentication type '#{resource[:authentication]}'"
diff --git a/spec/unit/puppet/provider/ssl_pkey/openssl_spec.rb b/spec/unit/puppet/provider/ssl_pkey/openssl_spec.rb
index 1ba4a27..788691a 100644
--- a/spec/unit/puppet/provider/ssl_pkey/openssl_spec.rb
+++ b/spec/unit/puppet/provider/ssl_pkey/openssl_spec.rb
@@ -8,7 +8,6 @@
   let(:path) { '/tmp/foo.key' }
   let(:pathname) { Pathname.new(path) }
   let(:resource) { Puppet::Type::Ssl_pkey.new(path: path) }
-  let(:key) { OpenSSL::PKey::RSA.new }
 
   it 'exists? should return true if key exists' do
     expect(Pathname).to receive(:new).twice.with(path).and_return(pathname)
@@ -24,7 +23,7 @@
 
   context 'when creating a key with defaults' do
     it 'creates an rsa key' do
-      allow(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_return(key)
+      expect(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_call_original
       expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
       resource.provider.create
     end
@@ -32,7 +31,7 @@
     context 'when setting size' do
       it 'creates with given size' do
         resource[:size] = 1024
-        allow(OpenSSL::PKey::RSA).to receive(:new).with(1024).and_return(key)
+        expect(OpenSSL::PKey::RSA).to receive(:new).with(1024).and_call_original
         expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
         resource.provider.create
       end
@@ -41,7 +40,7 @@
     context 'when setting password' do
       it 'creates with given password' do
         resource[:password] = '2x$5{'
-        allow(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_return(key)
+        expect(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_call_original
         expect(OpenSSL::Cipher).to receive(:new).with('aes-256-cbc')
         expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
         resource.provider.create
@@ -52,7 +51,7 @@
   context 'when setting authentication to rsa' do
     it 'creates an rsa key' do
       resource[:authentication] = :rsa
-      allow(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_return(key)
+      expect(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_call_original
       expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
       resource.provider.create
     end
@@ -61,7 +60,7 @@
       it 'creates with given size' do
         resource[:authentication] = :rsa
         resource[:size] = 1024
-        allow(OpenSSL::PKey::RSA).to receive(:new).with(1024).and_return(key)
+        expect(OpenSSL::PKey::RSA).to receive(:new).with(1024).and_call_original
         expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
         resource.provider.create
       end
@@ -71,7 +70,7 @@
       it 'creates with given password' do
         resource[:authentication] = :rsa
         resource[:password] = '2x$5{'
-        allow(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_return(key)
+        expect(OpenSSL::PKey::RSA).to receive(:new).with(2048).and_call_original
         expect(OpenSSL::Cipher).to receive(:new).with('aes-256-cbc')
         expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
         resource.provider.create
@@ -80,11 +79,9 @@
   end
 
   context 'when setting authentication to ec' do
-    key = OpenSSL::PKey::EC.new('secp384r1').generate_key # For mocking
-
     it 'creates an ec key' do
       resource[:authentication] = :ec
-      allow(OpenSSL::PKey::EC).to receive(:new).with('secp384r1').and_return(key)
+      allow(OpenSSL::PKey::EC).to receive(:generate).with('secp384r1').and_call_original
       expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
       resource.provider.create
     end
@@ -92,8 +89,9 @@
     context 'when setting curve' do
       it 'creates with given curve' do
         resource[:authentication] = :ec
-        resource[:curve] = 'prime239v1'
-        allow(OpenSSL::PKey::EC).to receive(:new).with('prime239v1').and_return(key)
+        # See: openssl ecparam -list_curves
+        resource[:curve] = 'prime256v1'
+        expect(OpenSSL::PKey::EC).to receive(:generate).with('prime256v1').and_call_original
         expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
         resource.provider.create
       end
@@ -103,7 +101,7 @@
       it 'creates with given password' do
         resource[:authentication] = :ec
         resource[:password] = '2x$5{'
-        allow(OpenSSL::PKey::EC).to receive(:new).with('secp384r1').and_return(key)
+        expect(OpenSSL::PKey::EC).to receive(:generate).with('secp384r1').and_call_original
         expect(OpenSSL::Cipher).to receive(:new).with('aes-256-cbc')
         expect(File).to receive(:write).with('/tmp/foo.key', kind_of(String))
         resource.provider.create