From f000abb97d7920bade47fcce42944d1616d32e79 Mon Sep 17 00:00:00 2001 From: Arjan H Date: Fri, 3 Jun 2022 10:08:57 +0200 Subject: [PATCH] Issuer cert can now also be ECDSA Apparently the cfssl issue was resolved at some time --- gui/certificate.go | 6 ++---- gui/main.go | 3 +-- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/gui/certificate.go b/gui/certificate.go index 9793de4..3111b5d 100644 --- a/gui/certificate.go +++ b/gui/certificate.go @@ -45,10 +45,8 @@ func (ci *CertificateInfo) Initialize() { ci.KeyTypes["rsa4096"] = "RSA-4096" ci.KeyTypes["rsa3072"] = "RSA-3072" ci.KeyTypes["rsa2048"] = "RSA-2048" - if ci.IsRoot { - ci.KeyTypes["ecdsa384"] = "ECDSA-384" - ci.KeyTypes["ecdsa256"] = "ECDSA-256" - } + ci.KeyTypes["ecdsa384"] = "ECDSA-384" + ci.KeyTypes["ecdsa256"] = "ECDSA-256" ci.KeyType = "rsa4096" } diff --git a/gui/main.go b/gui/main.go index d748f98..d1282f7 100644 --- a/gui/main.go +++ b/gui/main.go @@ -1642,8 +1642,7 @@ func _helptext(stage string) template.HTML { "you can either generate a fresh certificate or import an existing one, as long as it is signed by\n", "the Root CA from the previous step.

\n", "

If you want to generate a certificate, by default the same key type and strength is selected as\n", - "was chosen in the previous step when generating the root (except that the issuer certificate cannot\n", - "be ECDSA due to a limitation in the Let's Encrypt implementation), but you may choose a different\n", + "was chosen in the previous step when generating the root, but you may choose a different\n", "one. By default the common name is the same as the CN for the Root CA, minus the word 'Root'.

")) } else { return template.HTML("")