Hello George,

On 21 Jul 2017, at 14:58, George Michaelson wrote:

> I (for one) hang onto the .req file. Maybe that's naughty, but I do, so in my case Warren routine is that the keypair is being reused, because.. well.. because I like to. Software I consume I suspect (like you) doesn't, and re-mints shiny new keys now with added keynomium, but when I do it by hand? yes I reuse the .req file.

As a data point, several Let’s Encrypt clients will reuse keys. Those that do not by default can often be configured to do so. The benefits of reusing the key should be obvious to anyone that also uses TLSA. If you think about it, a TLSA record is also a certificate, but your signer auto-renews it for you.

Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
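
An added example, not part of the original message: it shows why reusing the key (the same .req) matters when TLSA is published. It assumes a TLSA record with parameters "3 1 1" (SHA-256 of the certificate's SubjectPublicKeyInfo) and the `openssl` CLI; the host name, file names and the self-signing that stands in for the CA are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo: renew a certificate with a reused key and with a fresh key,
# then compare the TLSA "3 1 1" data (SHA-256 over the SubjectPublicKeyInfo).
set -eu

# new_key DIR NAME: create NAME.key and the matching NAME.req (CSR)
new_key() {
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
        -out "$1/$2.key" 2>/dev/null
    openssl req -new -key "$1/$2.key" -subj "/CN=mail.example.test" \
        -out "$1/$2.req"
}

# issue DIR NAME CERT: turn NAME.req into CERT.pem (self-signed stand-in for a CA)
issue() {
    openssl x509 -req -in "$1/$2.req" -signkey "$1/$2.key" -days 90 \
        -out "$1/$3.pem" 2>/dev/null
}

# tlsa_311 CERT.pem: print the hex association data for a "3 1 1" record
tlsa_311() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -r | cut -d' ' -f1
}

# cert_fp CERT.pem: SHA-256 fingerprint of the whole certificate
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256
}

demo() {
    d=$(mktemp -d)
    new_key "$d" kept;  issue "$d" kept original
    issue "$d" kept renewed_same_req          # renewal from the saved .req
    new_key "$d" fresh; issue "$d" fresh renewed_new_key
    for c in original renewed_same_req renewed_new_key; do
        printf '%-17s _25._tcp.mail.example.test. IN TLSA 3 1 1 %s\n' \
            "$c" "$(tlsa_311 "$d/$c.pem")"
    done
    rm -rf "$d"
}

demo
```

The first two lines of output carry the same association data even though the certificates differ, so the published TLSA record stays valid across that renewal; the third needs a new record in DNS before the certificate is deployed.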
