If you call acme cert without the -k option it will auto-generate a private certificate key for the user, but it is currently hard-coded to only use the ECDSA algorithm. While ECDSA is supposed to be superior algorithm, ECDSA certs are not compatible with a number client and server systems e.g. AWS API Gateway requires a 2048bit RSA key.
It would be great if the user could optionally specify the private key certificate algorithm and key size using a flag. That would make things simpler, safer and easier for users who don't have openssl installed.
The text was updated successfully, but these errors were encountered: