In the coming months, Certbot will be switching to issuing ECDSA (secp256r1) certificates by default. This will happen in the release of Certbot 2.0.
Currently, Certbot issues 2048-bit RSA certificates by default.
We are announcing this change now in order to provide advance warning and to gather feedback from the community.
Why?
When Certbot was initially released at the end of 2015, RSA was widely considered to strike the best balance between compatibility, security, and performance. Over the last 7 years, this has changed and ECDSA is widely supported in modern web software. Since compatibility is no longer a concern, we feel this is the right time to make ECDSA the default certificate type to help people get the security and performance benefits offered by ECDSA.
This change follows the current recommendation by Mozilla for servers using TLS.
Will existing certificates be affected?
Upon the release of Certbot 2.0, new certificates will use ECDSA (secp256r1) private keys by default.
Existing certificates will not be affected.
Renewing an existing certificate using certbot renew (including via Certbot's cron jobs, timers and scheduled tasks) will preserve the existing key type.
Renewing/replacing an existing certificate with certbot certonly/run will preserve the existing key type if running non-interactively, and will prompt the user to confirm the key type if running interactively.
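As an added example (not part of this announcement or of Certbot's own code), the script below audits a renewal directory and reports the key type recorded for each lineage, which is the type certbot renew will keep after the upgrade. It assumes each renewal config carries a key_type line under [renewalparams] (an assumption about the file format) and treats a lineage without one as RSA, the pre-2.0 default; the sample configs are constructed.

```shell
#!/bin/sh
# List the key type recorded for every Certbot lineage in a renewal directory.
# Assumption: each *.conf has a "[renewalparams]" section that may contain
# "key_type = rsa|ecdsa". A lineage with no key_type line is reported as RSA,
# since that was the only default before the change described above.
# Because "certbot renew" preserves the recorded type, the RSA entries are the
# ones that stay RSA after upgrading unless they are explicitly re-issued.

cert_key_types() {
    renewal_dir="$1"
    for conf in "$renewal_dir"/*.conf; do
        [ -f "$conf" ] || continue
        name=$(basename "$conf" .conf)
        # First key_type line, tolerating whitespace around '='.
        key_type=$(sed -n 's/^[[:space:]]*key_type[[:space:]]*=[[:space:]]*\([a-z]*\).*/\1/p' "$conf" | head -n 1)
        [ -n "$key_type" ] || key_type="rsa (not recorded)"
        printf '%s %s\n' "$name" "$key_type"
    done
}

# Constructed sample renewal configs (demonstration only, not real lineages).
make_samples() {
    dir="$1"
    mkdir -p "$dir"
    cat > "$dir/rsa.example.conf" <<'EOF'
[renewalparams]
account = 0123abcd
authenticator = webroot
server = https://acme-v02.api.letsencrypt.org/directory
key_type = rsa
EOF
    cat > "$dir/ec.example.conf" <<'EOF'
[renewalparams]
key_type = ecdsa
elliptic_curve = secp256r1
EOF
    # Lineage created before key_type was recorded: no key_type line at all.
    cat > "$dir/legacy.example.conf" <<'EOF'
[renewalparams]
authenticator = apache
EOF
}
```

Run it as `cert_key_types /etc/letsencrypt/renewal` on a real host; lineages listed as RSA keep that type on renewal until they are re-issued with a different key type.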
Upgrading to Certbot 2.0
Certbot 2.0 will be fully compatible with existing Certbot installations and upgrading should not have any adverse effects.
If you installed Certbot via snap, you will automatically be upgraded to Certbot 2.0.
Windows, Docker and pip users will be able to upgrade to Certbot 2.0 at their own convenience.
Users of 3rd party packages (e.g. Debian/Ubuntu apt repositories, EPEL yum/dnf repository, Homebrew) will need to wait for those repositories to be updated before upgrading.
The best way to install Certbot is to follow the instructions at https://certbot.eff.org/instructions.
Other changes coming in Certbot 2.0
Other notable changes include:
- Certbot will drop support for versions of ACME from before the RFC 8555 standard.
- Our Apache plugin will no longer support Apache 2.2 which reached its end-of-life in 2018.
- When Certbot was first released, 3rd party plugin names had to have the format dist_name:plugin_name instead of just plugin_name, both on the CLI and in configuration files. Certbot has accepted the shorter plugin_name version for a while now, and support for the dist_name:plugin_name format will be dropped.
- The CloudXNS DNS plugin will be removed. The provider is defunct.
A fuller list, including changes to the Python APIs, can be found here.