patrickkasie
Verified User
Dear DirectAdmin forum,
It seems that 24 days ago, there has been an update to multiple servers in some way, but due to round errors let's say it was on monday august 12th. At that day, I've updated all DA servers to their most recent version. The problem only appears now that I was testing some domainnames to see if they were up to internet.nl's standards. They do not anymore.
Ever since the autorenewal of the keys since august 12th, they seem to all be renewed using DH-4096 key bit size instead of EC-384. Domainnames that are bound to have their certificate renewed after the 12th all have the DH-4096 key bit length, the currently unrenewed domainnames from before that day that are still valid are still holding on to EC-384.
Using the option "Free & automatic certificate from Let's Encrypt", renewing the certificates manually regardless of EC-384 or DH-4096 renews it with their respective keybits if you don't select a different keybit option.
What has the reason for this change? Is it a bug or is it just me? It happens across MOST but not all servers from 2 different hosting companies, so it's not 1 mistake on one site.
It happens on servers that are both CentOS7, but not on AlmaLinux8
It seems that 24 days ago, there has been an update to multiple servers in some way, but due to round errors let's say it was on monday august 12th. At that day, I've updated all DA servers to their most recent version. The problem only appears now that I was testing some domainnames to see if they were up to internet.nl's standards. They do not anymore.
Ever since the autorenewal of the keys since august 12th, they seem to all be renewed using DH-4096 key bit size instead of EC-384. Domainnames that are bound to have their certificate renewed after the 12th all have the DH-4096 key bit length, the currently unrenewed domainnames from before that day that are still valid are still holding on to EC-384.
Using the option "Free & automatic certificate from Let's Encrypt", renewing the certificates manually regardless of EC-384 or DH-4096 renews it with their respective keybits if you don't select a different keybit option.
What has the reason for this change? Is it a bug or is it just me? It happens across MOST but not all servers from 2 different hosting companies, so it's not 1 mistake on one site.
It happens on servers that are both CentOS7, but not on AlmaLinux8
Last edited: