20 Feb
2017
20 Feb
'17
1:40 p.m.
On 2017-02-19, KT Walrus <kevin@my.walr.us> wrote:
That's one of the reasons I don't like Let's Encrypt, with one year certs it is easier to look at the certs and see what is going to expire in the coming month needing a new private key.
I use dehydrated (with Cloudflare DNS challenges) and as far as I know, it seems to generate a new private key every time.
This is client-dependent, the CA doesn't care either way.