Resolved Can Let's Encrypt add-on generate 4096 bit certificates?

[Linulex]

Hi all,

Is there a way to have Let's Encrypt generate certificates with a 4096 bit key?
Some config somewhere maybe or a hidden parameter that can be set.

If not, is this planned in the next release?

regards
Jan

 

[UFHH01]

Hi Linulex,

pls. have a look at "/usr/local/psa/var/modules/letsencrypt/cli.ini.sample".

In addition, you might be interested, that the Let's encrypt "certbot" has additional options, which you are able to list with the "--help" - command for example:

/usr/local/psa/var/modules/letsencrypt/venv/bin/certbot --help​

 

[Linulex]

Hi @UFHH01

renaming /usr/local/psa/var/modules/letsencrypt/cli.ini.sample to /usr/local/psa/var/modules/letsencrypt/cli.ini and commenting the test server entry did it, tnx.

One tip: you must delete the existing certificate and get a new one, only renewing doesnt seem to be enough.

regards
Jan

 

[Walter]

@UFHH01 advice was spot on. I was able to just renew my certificates without deleting the existing ones. I just had to be sure my browser cache was deleted before browsing to the domain again. Before following the advice of @Linulex be sure to delete your browser cache as you shouldn't need to delete any certificates, the renewal process automatically does this.