Hey, I would like to - as a experiment - hit a 100% score on the Dutch Internet.nl test but the only problem I run into into is the following:
The “forward secrecy" settings are unsafe: 'DH-1024'
How can I fix this? I am running Vesta CP with a script that automatically updates the certificates and symlimks them to their correct directories. This is the command line:
#Set the command that should be used to run the letsencrypt tool #Include any arguments that should be used by default #(arguments shouldn't be necessary if using /etc/letsencrypt/cli.ini) #The -m (mail) and -d (domain) options will be added automatically LETSENCRYPT_COMMAND='/usr/local/letsencrypt/letsencrypt-auto -t --renew-by-default --agree-tos --webroot -w /etc/letsencrypt/webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096'
I added --rsa-key-size 4096 but that didn’t seem to make any change.