How do I use RSA instead of EC certificates?

Although I absolutely agree that TLSv1.3 and EC certificates are the future, there should be an option to enable RSA certificates. Why? Because various services (postfix, dovecot, mumble etc.) need to access the SSL/TLS certificates provided by Caddy and they only accept RSA.

Is there any way to enable RSA4096 certificates for Caddy? In Caddy v1 there used to be the option “key_type” to enable it. Let’s Encrypt still supports RSA and will in the future.

1 Like

You can use certbot, or any other Letsencrypt ACME client implementation, to generate certificates for any other service.

That being said, I like your recommendation and feedback.

1 Like

Yep, you can customize the key type: JSON Config Structure - Caddy Documentation

If you want it in the Caddyfile, we can expose this in the Caddyfile like it was before, pretty easily. Anyone want to make a PR?

2 Likes

I’m not sure how to work with a json config, so yes: I’d really appreciate the ability to expose this in the Caddyfile. Also I don’t know how to implement it with a PR.

Now’s a good time to learn then! I’m pretty busy getting the final release ready. :slight_smile: This is a community effort FOSS project, so I invite you to contribute.

1 Like

I took a look at the GitHub repository, unfortunately I can’t really contribute anything because of my lack of experience. It would take way too long for me to learn all the structures and Go itself. So I would be very happy if someone else could make the PR. By the way, thanks for the work on Caddy.

1 Like

Yep, you can customize the key type: JSON Config Structure - Caddy Documentation

@matt I tried to implement it using JSON, but I get the following error:

run: loading initial config: loading new config: loading http app module: provision http: getting tls app: loading tls app module: decoding module config: tls: json: cannot unmarshal object into Go struct field AutomationConfig.automation.policies of type []*caddytls.AutomationPolicy

This is the Caddy JSON:

"apps": {
  "tls": {
    "automation": {
      "policies": {
        "key_type": "rsa4096"
      }
    }
  },
  "http": {
    [...]

1 Like

Nice job, trying the JSON!

Notice the structure of the policies field:

It takes a list of policies, so surround the one you’ve defined by [ ].

3 Likes

"policies" is an array of objects:

        "tls": {
          "automation": {
            "policies": [
              {
                "key_type": "rsa4096"
              }
            ]
          }
        },

Edit: Dang, @matt you beat me to it by like half a second :joy:

2 Likes
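A small added check, my own example rather than Caddy's code or anything posted in this thread, that catches the object-vs-array mistake described above before the config is handed to Caddy. The set of accepted key types is an assumption taken from Caddy's documentation; the thread itself only mentions rsa4096.

```python
import json

# Key types Caddy v2 accepts for "key_type" (assumed from Caddy's docs;
# the thread only shows "rsa4096").
KNOWN_KEY_TYPES = {"ed25519", "p256", "p384", "rsa2048", "rsa4096"}


def check_tls_policies(config_text):
    """Return a list of problems found in apps.tls.automation.policies.

    An empty list means the structure matches what Caddy's decoder expects:
    "policies" is an array of policy objects.
    """
    cfg = json.loads(config_text)
    problems = []
    automation = cfg.get("apps", {}).get("tls", {}).get("automation", {})
    policies = automation.get("policies")
    if policies is None:
        return problems  # nothing configured; Caddy applies its defaults
    if isinstance(policies, dict):
        # The exact mistake from the thread: Caddy unmarshals "policies" into
        # []*caddytls.AutomationPolicy, so a bare object fails to decode.
        problems.append('"policies" must be an array of objects, not an object')
        policies = [policies]  # keep checking the single policy anyway
    if not isinstance(policies, list):
        return problems + ['"policies" must be an array of objects']
    for i, policy in enumerate(policies):
        if not isinstance(policy, dict):
            problems.append(f"policies[{i}] must be an object")
            continue
        kt = policy.get("key_type")
        if kt is not None and kt not in KNOWN_KEY_TYPES:
            problems.append(f"policies[{i}].key_type {kt!r} is not a known key type")
    return problems


# Constructed samples: the config from the thread before and after the fix.
BROKEN = '{"apps": {"tls": {"automation": {"policies": {"key_type": "rsa4096"}}}}}'
FIXED = '{"apps": {"tls": {"automation": {"policies": [{"key_type": "rsa4096"}]}}}}'

if __name__ == "__main__":
    for label, text in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, check_tls_policies(text) or "ok")
```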

I opened a PR to add key_type as a global Caddyfile option.

https://github.com/caddyserver/caddy/pull/3231

You can try it with the CI artifacts here:

https://github.com/caddyserver/caddy/actions/runs/71384742

2 Likes

@matt @francislavoie It worked! Thank you. Also nice that the PR is on the way, so I can switch back to Caddyfile once it’s distributed to Docker Hub.

1 Like

RC2 is released with this feature added: Release 2.0 release candidate 2 · caddyserver/caddy · GitHub

The docker image should be up sometime tonight.
