Change Let's Encrypt cert to 2048 bits

Is there a way to decrease the bitiness of the Let’s Encrypt cert being generated by the FreePBX cert manager? We are using GXP2130 phones that accept only up to 2048 characters for the cert/key. The keys being generated are 4096.

I guess we could just manually generate the certs, but having that feature in the FreePBX GUI would be nice. Perhaps I missed a setting somewhere.

We do a 4096 to pass the SSL Labls tests

Hi Andrew!

You would pass those tests with flying colours (A+) without having a 4096 bits key… The setup described is overly restrictive (to the point of breaking stuff) just to get all 100%…

Just my 2 cents…

Have a nice day!


Features requests welcome so are patches.

created a feature request in JIRA