Elliptic curve certificates are much smaller, leading to faster TLS handshakes. They are also considered more secure in comparison to RSA certificates. This should speed up loading secure websites on most client devices.
We will generate/request EC 384 certificates with key exchange cipher ECDH secp384r1 and request a signature using SHA384. This is currently the maximum for best browser compatibility. The resulting certificate will provide much better encryption and authentication compared to your usual RSA 4096/SHA256 combo.
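# Self-signed certificate and new secp384r1 key in one step
openssl req -x509 -nodes -days 3650 -sha384 -newkey ec:<(openssl ecparam -name secp384r1) -keyout ecdsakey.pem -out ecdsacert.pem
# Alternatively, generate the key first, then the self-signed certificate
openssl ecparam -genkey -out eckey.pem -name secp384r1
openssl req -x509 -new -key eckey.pem -out cert.pem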
In the following examples, certificates are requested with a SHA384 secure hash signature; however, Let's Encrypt currently enforces a limit of SHA256, which will be applied to your requests. Once the limit is lifted, the following requests should be honored with SHA384.
# Generate the secp384r1 key (together with a self-signed certificate)
openssl req -x509 -nodes -days 3650 -sha384 -newkey ec:<(openssl ecparam -name secp384r1) -keyout ecdsakey.pem -out ecdsacert.pem
# Print the key details
openssl ec -in ecdsakey.pem -noout -text
# Create a CSR for that key with both hostnames as subjectAltName entries
openssl req -new -key ecdsakey.pem -nodes -subj "/CN=example.com" -sha384 -reqexts SAN -extensions SAN -config <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:example.com,DNS:www.example.com')) -out csr.pem -outform pem
# Submit the CSR to Let's Encrypt
certbot certonly --webroot -n --server "https://acme-v02.api.letsencrypt.org/directory" --domain "example.com" --csr csr.pem
When using a recent Certbot version, it is no longer necessary to request an EC certificate using a CSR, so this is the easier solution:
certbot certonly --webroot --key-type ecdsa --elliptic-curve secp384r1 -n -d example.com -d www.example.com --server "https://acme-v02.api.letsencrypt.org/directory"
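Because the CA may apply a different signature hash than the one requested, it is worth checking what a certificate actually contains. The following is an added example, not part of the original article: the function names, the minimal req.cnf and the throwaway example.test certificate are assumptions made so that it runs offline.

```bash
#!/bin/sh
# Added example. File names and the example.test subject are constructed.

# Print "<curve> <signature algorithm>" for a PEM certificate ("none" if absent).
cert_summary() {
    cs_text=$(openssl x509 -in "$1" -noout -text) || return 1
    cs_curve=$(printf '%s\n' "$cs_text" | awk '/ASN1 OID:/ {print $3; exit}')
    cs_sig=$(printf '%s\n' "$cs_text" | awk '/Signature Algorithm:/ {print $3; exit}')
    printf '%s %s\n' "${cs_curve:-none}" "${cs_sig:-none}"
}

# Succeed only if the certificate's public key belongs to the private key.
cert_matches_key() {
    mk_cert=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    mk_key=$(openssl pkey -in "$2" -pubout) || return 1
    [ "$mk_cert" = "$mk_key" ]
}

# Create a throwaway secp384r1 key and SHA384 self-signed certificate in dir $1.
# -noout on ecparam writes only the private key, without the parameters block.
make_demo_cert() {
    printf '[req]\ndistinguished_name=dn\nprompt=no\n[dn]\nCN=example.test\n' \
        > "$1/req.cnf"
    openssl ecparam -genkey -name secp384r1 -noout -out "$1/eckey.pem" &&
    openssl req -x509 -new -key "$1/eckey.pem" -sha384 -days 1 \
        -config "$1/req.cnf" -out "$1/cert.pem"
}

# Demo run on the constructed certificate; the temp directory is removed on exit.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
make_demo_cert "$demo_dir" &&
    cert_summary "$demo_dir/cert.pem" &&
    cert_matches_key "$demo_dir/cert.pem" "$demo_dir/eckey.pem" &&
    echo "certificate matches eckey.pem"
```

Pointing cert_summary at an issued certificate shows the curve of its key and the signature algorithm the CA applied; cert_matches_key confirms the certificate belongs to the key the server is configured with.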
Is it worth it yet? All currently supported operating systems and web browsers will work with EC certificates. Backwards compatibility is also good enough. Let this speak for itself: SSLLabs Survey: www.chotaire.net.