Letsencrypt key size configuration

Vangerdahast · June 30, 2021, 6:10am

After creating a letsencrypt certificate by using ncp-config, it was not possible to enter a specific key size.
Apple’s iOS 14 and above needs a key size of at least 4096, but the current ncp-config function creates a key with a 2048 key size.

Is it possible to configure this (and some other certbot parameters as well) somewhere in a configuration file or the function call for this ncp-config function?

Nextcloud version (eg, 20.0.5): 20.0.10.1
Operating system and version (eg, Ubuntu 20.04): Debian GNU/Linux 10
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.38
PHP version (eg, 7.4): 7.3.27-1

Vangerdahast · June 30, 2021, 7:31am

Please confirm if this is the right thing to do:

Within
/usr/local/bin/ncp/NETWORKING/letsencrypt.sh

I changed the following line from

“${letsencrypt}” certonly -n --force-renew --no-self-upgrade --webroot -w “${ncdir}” --hsts --agree-tos -m “${EMAIL}” -d “${domain_string}” && {

to

“${letsencrypt}” certonly -n --force-renew --no-self-upgrade --webroot –rsa-key-size 4096 -w “${ncdir}” --hsts --agree-tos -m “${EMAIL}” -d “${domain_string}” && {