Acme letsencrypt doesn't change private key type
As alluded to in this year and a half old post (https://forum.netgate.com/topic/116404/ntopng-and-let-s-encrypt-certificates) changing the private key configuration item from ECDSDA to RSA appears to succeed, but when re-issuing or renewing the key it silently continues to use the old private key type. At best this is very confusing when the configuration now shows one type of private key, but they system is actually receiving and using a previously configured type.
#2 Updated by Howard Holm about 2 months ago
It isn't really a duplicate of that bug. The fallout of that bug sets up the conditions where you might want to change the key type, but the failure to change the type of the key is a completely separate issue. In fact, it looks like the related issue may be fixed with version 4.0 of ntopng. But that fix will have zero effect on this failure to change the key type in ACME.