Today I finished my automated letsencrypt rollout tests and I created about 60 certificates against the test (acme-staging) server.
I'm using the bash script letsencrypt.sh for the certificate requests and a listener file which creates the domains.txt file for the bash script.
The rest will be done with letsencrypt.sh -c (also the renew, if only 30 days are left) to request the certificate from the letsencrypt server.
The entries in the i-MSCP database are made by the hook file of the bash script and then the i-MSCP request manager is called. So far all is working fine.
Now I started to try out with the key algorithm prime256v1 (ECDSA) instead of rsa, and i-MSCP does not allow that kind of certificates.
I get a Invalid SSL certificate when I look at the panel after the certificate was pushed into the database.
The private key looks different on a ECDSA certificate and I assume that is the reason why the system is not allowing it. Here an example:
- -----BEGIN EC PARAMETERS-----
- -----END EC PARAMETERS-----
- -----BEGIN EC PRIVATE KEY-----
- -----END EC PRIVATE KEY-----
Any plans to support that in the future?