From: Lukas Schauer <lukas@schauer.so>
Date: Tue, 10 May 2016 20:14:23 +0000 (+0200)
Subject: Renew private key by default, but keep option to disable this feature
X-Git-Tag: v0.2.0~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e608dc2ba8e60e2088797d412d9ba174eb9502b5;p=thirdparty%2Fdehydrated.git

Renew private key by default, but keep option to disable this feature
---

diff --git a/docs/examples/config.sh.example b/docs/examples/config.sh.example
index 9bb943d..a3a4578 100644
--- a/docs/examples/config.sh.example
+++ b/docs/examples/config.sh.example
@@ -63,8 +63,8 @@
 # Minimum days before expiration to automatically renew certificate (default: 30)
 #RENEW_DAYS="30"
 
-# Regenerate private keys instead of just signing new certificates on renewal (default: no)
-#PRIVATE_KEY_RENEW="no"
+# Regenerate private keys instead of just signing new certificates on renewal (default: yes)
+#PRIVATE_KEY_RENEW="yes"
 
 # Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1
 #KEY_ALGO=rsa
diff --git a/letsencrypt.sh b/letsencrypt.sh
index 99493d0..e4a0af7 100755
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -71,7 +71,7 @@ load_config() {
   ACCOUNT_KEY_JSON=
   KEYSIZE="4096"
   WELLKNOWN=
-  PRIVATE_KEY_RENEW="no"
+  PRIVATE_KEY_RENEW="yes"
   KEY_ALGO=rsa
   OPENSSL_CNF="$(openssl version -d | cut -d\" -f2)/openssl.cnf"
   CONTACT_EMAIL=