ECDSA certificate not NIST/HIPAA compliant, because SERVER CERTIFICATES ARE SIGNED WITH A WRONG ALGORITHM (sha256WithRSAEncryption instead ecdsa-with-SHA256)

ECDSA certificate not NIST/HIPAA compliant, SERVER CERTIFICATES ARE SIGNED WITH A WRONG ALGORITHM (sha256WithRSAEncryption instead ecdsa-with-SHA256).
https://www.immuniweb.com/ssl/?id=cRcQCUmb

Why you sha256WithRSAEncryption instead ecdsa-with-SHA256?

1 Like

Let’s Encrypt only provide leaf ECDSA certificates, signed by RSA intermediates. (or leaf RSA certificates, signed by RSA intermediates)

It will provide in the future, ECDSA certificates, signed by ECDSA intermediates: https://letsencrypt.org/upcoming-features/

2 Likes

Thank you for the quick response! :slight_smile:
I will wait for this support! :slight_smile:

Tell me, please, do you support the signature of ECDSA certificates created using the X25519 curve?

No, Let’s Encrypt doesn’t support EdDSA. Mostly, I think, because it isn’t allowed by the CA/B Forum.

3 Likes