# The length of secret RSA keys
key-length = 4096
-# File containing the DH parameters, as generated by openssl (optional)
-dh-params = /etc/ssl/dh2048.pem
-chain = /etc/ssl/chains/letsencrypt-x1.crt
-
[timing]
# After how many days should the private key be re-generated?
max-key-age-days = 180
[hooks]
# Called after a new certificate has been obtained.
-# Example usage: Reloading services.
+# Example usage: Reloading services, generating combined "certificate + key chain" file.
post-certchange = /home/user/letsencrypt/cert-hook
# Called after a new certificate has been obtained, *if* there also were changes in the private keys
# Example usage: Updating TLSA records (with the selector being SubjectPublicKeyInfo) in the zone