Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Provide the option to auto-generate the certificate's private key using RSA instead of ECDSA #46
If you call acme cert without the -k option it will auto-generate a private certificate key for the user, but it is currently hard-coded to only use the ECDSA algorithm. While ECDSA is supposed to be superior algorithm, ECDSA certs are not compatible with a number client and server systems e.g. AWS API Gateway requires a 2048bit RSA key.
It would be great if the user could optionally specify the private key certificate algorithm and key size using a flag. That would make things simpler, safer and easier for users who don't have openssl installed.