From 37ff28468eae36aed56c714bb0e6aa7cdd2b71a2 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@sevenseas.org>
Date: Fri, 15 Apr 2016 20:03:05 +0200
Subject: [PATCH] 
 library/roles/letsencrypt-acmetool-client/templates/cert-requirements.j2: rsa
 key dimension. d4science-infrastructure/group_vars/ldap_liferay_dev/all.yml:
 openldap on ubuntu/debian is linked to gnuTLS and does not support ecdsa
 keys.

---
 letsencrypt-acmetool-client/defaults/main.yml              | 1 +
 letsencrypt-acmetool-client/templates/cert-requirements.j2 | 1 +
 2 files changed, 2 insertions(+)

diff --git a/letsencrypt-acmetool-client/defaults/main.yml b/letsencrypt-acmetool-client/defaults/main.yml
index 8098819..9614a13 100644
--- a/letsencrypt-acmetool-client/defaults/main.yml
+++ b/letsencrypt-acmetool-client/defaults/main.yml
@@ -16,6 +16,7 @@ letsencrypt_acme_services_scripts_dir: /usr/lib/acme/hooks
 
 # responses parameters
 letsencrypt_acme_rsa_key_size: 4096
+# rsa|ecdsa
 letsencrypt_acme_key_type: ecdsa
 letsencrypt_acme_ecdsa_curve: nistp256
 letsencrypt_acme_email: sysadmin@example.com
diff --git a/letsencrypt-acmetool-client/templates/cert-requirements.j2 b/letsencrypt-acmetool-client/templates/cert-requirements.j2
index 3666cd4..3333ea4 100644
--- a/letsencrypt-acmetool-client/templates/cert-requirements.j2
+++ b/letsencrypt-acmetool-client/templates/cert-requirements.j2
@@ -11,6 +11,7 @@ request:
 
 key:
   type: {{ letsencrypt_acme_key_type }}
+  rsa-size: {{ letsencrypt_acme_rsa_key_size }}
   ecdsa-curve: {{ letsencrypt_acme_ecdsa_curve }}