On 2017-02-19, KT Walrus <ke...@my.walr.us> wrote: >> That's one of the reasons I don't like Let's Encrypt, with one year >> certs it is easier to look at the certs and see what is going to expire >> in the coming month needing a new private key. > > I use dehydrated (with Cloudflare DNS challenges) and as far as I > know, it seems to generate a new private key every time.
This is client-dependent, the CA doesn't care either way.
