Enable use of ECDSA private account key
As boulder allow to use either RSA or ECDSA account key, we should be able to use both of them.
I think we can do this by two means:
- use openssl to read the key and find parameters inside it
- ask to add configuration inside the config file if user uses non-rsa key
To acheive this issue will have to:
-
Update the account key rollover to take into account every RSA-PSK and ECDSA possible algorithm -
Update the acme-dns-tiny script wot take into account one of RSA-PSK algorithm and one of ECDSA algorithm -
Update our documentation to warn users using ECDSA keys that they have to use our choice to create their key (or adapt themselves the script with example inside the account key rollover tool) and that they'll have more work when the choice will be updated to latest securty recommendations.