infrastructure

mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-07 04:24:10 +01:00

History

Jan Alexander Steffens (heftig) fb1f03549c certbot: Use ECDSA (P-256) certificates, not RSA certbot switched to ECDSA by default about two years ago, following [recommended practices][1]. We are currently using RSA with 4096 bits, which is extremely slow to sign. Using ECDSA should give us a nice speedup. [1]: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29	2024-07-20 11:20:10 +00:00
..
main.yml	certbot: Use ECDSA (P-256) certificates, not RSA	2024-07-20 11:20:10 +00:00

Jan Alexander Steffens (heftig) fb1f03549c certbot: Use ECDSA (P-256) certificates, not RSA

certbot switched to ECDSA by default about two years ago, following
[recommended practices][1].

We are currently using RSA with 4096 bits, which is extremely slow to
sign. Using ECDSA should give us a nice speedup.

[1]: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29

2024-07-20 11:20:10 +00:00

main.yml

certbot: Use ECDSA (P-256) certificates, not RSA

2024-07-20 11:20:10 +00:00