diff --git a/patch.sh b/patch.sh
index f05df79..b66185a 100755
--- a/patch.sh
+++ b/patch.sh
@@ -29,6 +29,7 @@ $SUDO patch -p1 < $cloneDir/patches/log-validator_main.patch
 $SUDO patch -p1 < $cloneDir/patches/startservers.patch
 $SUDO patch -p1 < $cloneDir/patches/errors_errors.patch
 $SUDO patch -p1 < $cloneDir/patches/ratelimit_rate-limits.patch
+$SUDO patch -p1 < $cloneDir/patches/linter_linter.patch
 
 sed -i -e "s/berrors.RateLimitError(/berrors.RateLimitError(ra.rlPolicies.RateLimitsURL(), /g" ra/ra.go
 
diff --git a/patches/linter_linter.patch b/patches/linter_linter.patch
new file mode 100644
index 0000000..fb8d51c
--- /dev/null
+++ b/patches/linter_linter.patch
@@ -0,0 +1,21 @@
+diff --git a/linter/linter.go b/linter/linter.go
+index 59066e3f8..8cf143227 100644
+--- a/linter/linter.go
++++ b/linter/linter.go
+@@ -136,7 +136,15 @@ func makeIssuer(realIssuer *x509.Certificate, lintSigner crypto.Signer) (*x509.C
+ 	}
+ 	lintIssuerBytes, err := x509.CreateCertificate(rand.Reader, lintIssuerTBS, lintIssuerTBS, lintSigner.Public(), lintSigner)
+ 	if err != nil {
+-		return nil, fmt.Errorf("failed to create lint issuer: %w", err)
++		if strings.Contains(fmt.Sprint(err), "requested SignatureAlgorithm does not match private key type") {
++			lintIssuerTBS.SignatureAlgorithm = 0
++			lintIssuerBytes, err = x509.CreateCertificate(rand.Reader, lintIssuerTBS, lintIssuerTBS, lintSigner.Public(), lintSigner)
++			if err != nil {
++				return nil, fmt.Errorf("failed to create lint issuer (without SignatureAlgorithm): %w", err)
++			}
++		} else {
++			return nil, fmt.Errorf("failed to create lint issuer: %w", err)
++		}
+ 	}
+ 	lintIssuer, err := x509.ParseCertificate(lintIssuerBytes)
+ 	if err != nil {