Transitioning to ECC and beyond

We may some day be faced with the need to drop RSA and use only ECC (or some other better/faster/safer cert type)
No one can predict what the future may bring (with any certainty) but it doesn’t hurt to be prepared.

I’d like to see native simultaneous support for RSA and ECDSA cert types in certbot/certbot-auto
Keeping the same simple solution but allowing for clearer choices of cert type and even for the choice to include more than one cert type.


As far as I know, LE has not yet reached consensus on how to make certbot handle the two different algorithms. Two certificates per “cert name” or just one certificate per “cert name”, but then two different “cert names”.

Until this question is resolved, development on certbot on this issue from my end has halted.

See this issue:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.