On Thu, May 18, 2023 at 08:54:16PM +0200, Joachim Lindenberg via Postfix-users <postfix-users@postfix.org> wrote:
> For Letsencrypt certificates I´d definitely go with 2 1 1 > 8D02536C887482BC34FF54E41D2BA659BF85B341A0A20AFADB5813DCFBCF286D and > optionally the R4 derivate and add their successors when these are about to > expire, rather than 3 1 1 and change every two months. > Best Regards, > Joachim The certificate might change every few months, but that doesn't mean that the key has to change at the same time. As Viktor pointed out, with certbot you can configure reuse_key = True which prevents the renewal from creating a new key. That way, the user can decide when they want the key to rollover. cheers, raf _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
