Document the generation of ECDSA private keys #129
Conversation
|
I'm not sure if this is possible to add ECDSA support efficiently with all the openssl regex/parsing/signing that's going on in acme-tiny. Thoughts? |
|
It is, all you need is exactly that one line that this PR implies. |
|
I have been using acme-tiny with a private key and a CSR generated in such manner since before I opened this PR including with the latest version. |
| @@ -66,11 +66,22 @@ The ACME protocol (what Let's Encrypt uses) requires a CSR file to be submitted | |||
| to it, even for renewals. You can use the same CSR for multiple renewals. NOTE: | |||
| you can't use your account private key as your domain private key! | |||
|
|
|||
| Let's encrypt has support for both RSA and ECDSA certificates. Depending on your | |||
There was a problem hiding this comment.
The correct spelling is "Let's Encrypt", not "Let's encrypt".
|
@diafygi code support is only needed for ECC account keys, but not for ECC private keys for certificates. |
|
Gotcha. I feel like before merging this, a test should be added for ECDSA account keys. I could probably write the test, but it might be a while before I get around to it. However, totally open to adding a test as part of this pull request or opening another pull request. |
|
I'll leave someone else to pursue these changes |
|
Why a test for an account key? This pull request has nothing to do with account keys? I am using ecc private keys for my domains with acme-tiny for years now. This little update of the docs would be nice for everyone else. |
Add a note in the README.md how to generate an ECDSA key.