Question about using the SSL CA module...
I have been using Zotonic behind HAProxy, and would like to use it directly, but there is an issue with newer certificates issued by Let's Encrypt.
According to the Erlang
SSL man page, it appears EC keys are now supported. However, when placing all of the certs and keys into the site/priv/security/ca directory, each time a connection to Zotonic is made self-signed keys are generated, which seems to indicate Zotonic doesn't like the EC keys.
The
mod_ssl_ca page suggests that only PCKS#1 & 8 are supported, but it appears that Erlang now supports EC keys. Is it possible Zotonic could support new EC keys?
FYI: header for EC keys
-----BEGIN EC PRIVATE KEY-----