New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide the option to auto-generate the certificate's private key using RSA instead of ECDSA #46

Open
talawahtech opened this Issue Nov 25, 2016 · 0 comments

Comments

Projects
None yet
1 participant
@talawahtech

talawahtech commented Nov 25, 2016

If you call acme cert without the -k option it will auto-generate a private certificate key for the user, but it is currently hard-coded to only use the ECDSA algorithm. While ECDSA is supposed to be superior algorithm, ECDSA certs are not compatible with a number client and server systems e.g. AWS API Gateway requires a 2048bit RSA key.

It would be great if the user could optionally specify the private key certificate algorithm and key size using a flag. That would make things simpler, safer and easier for users who don't have openssl installed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment