prefer pkcs1 for acme account

lib/acme/certs.js

@@ -91,7 +91,7 @@ const getAcmeAccount = async (acmeOptions, certHandler) => {
 
     // account not found, create a new one
     log.info('ACME', 'ACME account for %s not found, provisioning new one from %s', acmeOptions.key, acmeOptions.directoryUrl);
-    const accountKey = await certHandler.generateKey(acmeOptions.keyBits, acmeOptions.keyExponent);
+    const accountKey = await certHandler.generateKey(acmeOptions.keyBits, acmeOptions.keyExponent, { privateKeyEncoding: 'pkcs1' });
 
     const jwkAccount = pem2jwk(accountKey);
     log.info('ACME', 'Generated Acme account key for %s', acmeOptions.key);
@@ -281,7 +281,7 @@ const acquireCert = async (domain, acmeOptions, certificateData, certHandler) =>
             log.error('ACME', 'Redis call failed key=%s domains=%s error=%s', domainSafeLockKey, domain, err.message);
         }
 
-        log.error('ACME', 'Failed to generate cert domains=%s error=%s', domain, err.message);
+        log.error('ACME', 'Failed to generate cert domains=%s error=%s', domain, err.stack);
 
         if (certificateData && certificateData._id) {
             try {

lib/cert-handler.js

@@ -49,7 +49,8 @@ class CertHandler {
         return response;
     }
 
-    async generateKey(keyBits, keyExponent) {
+    async generateKey(keyBits, keyExponent, opts) {
+        opts = opts || {};
         const { privateKey /*, publicKey */ } = await generateKeyPair('rsa', {
             modulusLength: keyBits || 2048, // options
             publicExponent: keyExponent || 65537,
@@ -58,7 +59,7 @@ class CertHandler {
                 format: 'pem'
             },
             privateKeyEncoding: {
-                type: 'pkcs8',
+                type: opts.privateKeyEncoding || 'pkcs8',
                 format: 'pem'
             }
         });