Is ECDSA worth using?


#1

Hi,
I want to create certificate for my domain and I found out, there’s two possibilities - I can create ECDSA or RSA certificate. Does ECDSA have some major advantages, which make it worth using, despite smaller browser compatibility? And does this smaller compatibility is a huge difference?

I just want someone to tell me, what advantages I will gain by using ECDSA rather than RSA. I’m talking only about securing domains with Let’s Encrypt, I don’t want to use certificates for any other things.

Thanks for help


#2

Definitely!
ECC certs are shorter, faster, and supported by all major browsers.

But depending on the software that will be using it, you may be able to serve both types of certs.
For instance Apache and Nginx allow both certs types in the same vhost config.
IIS will support either; but not both at the same time on the same site.


#3

If you have any idea how to do this with DirectAdmin (Apache server) then I could try, but I have only one textbox for certificate, so I probably can’t :confused:


#4

I have no idea if dual certs is even possible through DirectAdmin.
So you may have to choose one or the other…
If I had to choose, I would pick ECDSA.

I say get both…
Try the RSA and check your site at SSL LABS.
Try the ECDSA and check your site at SSL LABS.
Compare the two tests and see for yourself what the differences are and then make an educated decision.


#5

https://threatpost.com/nsas-divorce-from-ecc-causing-crypto-hand-wringing/115150/

spooky


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.