Add algorithm select (RSA, ECDSA) and length of a key

remilapeyre / vault-acme

Mozilla Public License 2.0

94 stars 24 forks source link

Add algorithm select (RSA, ECDSA) and length of a key #12

Closed binlab closed 4 years ago

binlab commented 4 years ago

Thank for a nice plugin! I have tested it and it works well. But I see missed possibility to set the type of algorithm (RSA, ECDSA) and length of their keys. By default, a type is RSA and length 2048. Regarding documentation https://letsencrypt.org/docs/integration-guide/ Let’s Encrypt support it

Let’s Encrypt accepts RSA keys from 2048 to 4096 bits in length, and P-256 and P-384 ECDSA keys.

Could you investigate the possibility and implement it? Thanks!

remilapeyre commented 4 years ago

Hi @binlab, Lego the Let'sEncrypt client we are using supports RSA 2048, 4096 and 8192 and elliptic curves P-256 and P-384. We could add a new parameter in the account that defaults to P-256 which we currently use.

binlab commented 4 years ago

Awesome, waiting for this. Thanks!