Update: This is now working. 4096-bit RSA Private Key appears not to be working
Update: This is now working. There was an issue with the version of ACME that had an issue related to Cloudflare. The latest package resolved the issue.
When creating a Let's Encrypt Certificate with the Private Key set to 4096-bit, the Cert created is only 2048-bit.
Is this an issue with the Acme package or a limitation with Let's Encrypt? I tried creating a "new" cert as well as renewing, both have the same outcome.
Am I doing something wrong? The cert is a wildcard cert and I am using the HAProxy proxy.
Thanks in advance for any suggestions.
KlausF last edited by
I just installed ACME, and made an LetsEncrypt certificate with 4096 bit public key.
The only difference between your setup and mine, is that I use DNS manual.
I just looked at acme cert I use in haproxy, and it shows 4096
Gertjan last edited by Gertjan
is the Let'senscrypt' intermediate certificat, not the certificate you received from Letsenscrypt.
When you inspect the sit's (pfSense) cert with a normal browser like FF, you'll see the 3 of them :
Yours is the most left one.
Like mine : 4096 ....
But hey, even 2048 will do for decades ...... although you have to trach it after 90 days max.
edit : also .... the details of the cert you showed last for some 15 months .... that's not the 90 days max duration Letsencrypt is advertising with ;)