Aaron Gable <[email protected]> wrote: > Hi Michael,
> On Wed, Nov 27, 2024, 15:59 Michael Richardson <[email protected]>
> wrote:
>>
> I'm unclear from reading 8555 if this key is retained across orders
>> (like a renewal 60 days later), or if a new key is generated each time.
>> Is the newAccount key always the same key as the CSR key?
>>
> The account key is almost never the same as the CSR key -- they serve
> different purposes and have different security properties, so the same key
> should not be used for both. In fact, Let's Encrypt rejects CSRs which
> contain a pubkey that is also in use as an account key.
Thank you for the clarification.
So then, is the account key retained across invocations?
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
