diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js
index 34b8fdf5..c4bf379a 100644
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -832,6 +832,7 @@ const internalCertificate = {
 const cmd = `${certbotCommand} certonly ` +
 `--config '${letsencryptConfig}' ` +
+ `--key-type '${certificate.ssl_key_type}' ` +
 '--work-dir "/tmp/letsencrypt-lib" ' +
 '--logs-dir "/tmp/letsencrypt-log" ' +
 `--cert-name "npm-${certificate.id}" ` +
@@ -873,6 +874,7 @@ const internalCertificate = {
 let mainCmd = certbotCommand + ' certonly ' +
 `--config '${letsencryptConfig}' ` +
+ `--key-type '${certificate.ssl_key_type}' ` +
 '--work-dir "/tmp/letsencrypt-lib" ' +
 '--logs-dir "/tmp/letsencrypt-log" ' +
 `--cert-name 'npm-${certificate.id}' ` +
@@ -969,6 +971,7 @@ const internalCertificate = {
 const cmd = certbotCommand + ' renew --force-renewal ' +
 `--config '${letsencryptConfig}' ` +
+ `--key-type '${certificate.ssl_key_type}' ` +
 '--work-dir "/tmp/letsencrypt-lib" ' +
 '--logs-dir "/tmp/letsencrypt-log" ' +
 `--cert-name 'npm-${certificate.id}' ` +
@@ -1002,6 +1005,7 @@ const internalCertificate = {
 let mainCmd = certbotCommand + ' renew --force-renewal ' +
 `--config "${letsencryptConfig}" ` +
+ `--key-type '${certificate.ssl_key_type}' ` +
 '--work-dir "/tmp/letsencrypt-lib" ' +
 '--logs-dir "/tmp/letsencrypt-log" ' +
 `--cert-name 'npm-${certificate.id}' ` +
@@ -1035,6 +1039,7 @@ const internalCertificate = {
 const mainCmd = certbotCommand + ' revoke ' +
 `--config '${letsencryptConfig}' ` +
+ `--key-type '${certificate.ssl_key_type}' ` +
 '--work-dir "/tmp/letsencrypt-lib" ' +
 '--logs-dir "/tmp/letsencrypt-log" ' +
 `--cert-path '/etc/letsencrypt/live/npm-${certificate.id}/fullchain.pem' ` +
diff --git a/backend/migrations/20241209062244_ssl_key_type.js b/backend/migrations/20241209062244_ssl_key_type.js
new file mode 100644
index 00000000..7fcd107d
--- /dev/null
+++ b/backend/migrations/20241209062244_ssl_key_type.js
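Review bot: `certificate.ssl_key_type` is interpolated into the certbot command string in all five hunks (the two `certonly` builders, the two `renew --force-renewal` builders and `revoke`) with nothing visible here checking its value. The migration in this commit adds `ssl_key_type` to `proxy_host`, so unless code outside the diff copies it onto the certificate object the flag will render as `--key-type 'undefined'`, and with `key-type = ecdsa` removed from both letsencrypt.ini files there is no configured default left to fall back on. Because the value lands inside a quoted argument of a command line, I would check it against the allow-list at the point where the command is built rather than rely on the proxy-host JSON schema alone, e.g. `const keyType = ['ecdsa', 'rsa'].includes(certificate.ssl_key_type) ? certificate.ssl_key_type : 'ecdsa';` and interpolate `keyType`. The enclosing functions start and end outside these hunks, so how `certificate` is loaded and how the string is executed cannot be confirmed from here.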
@@ -0,0 +1,39 @@
+const migrate_name = 'identifier_for_migrate';
+const logger = require('../logger').migrate;
+
+/**
+ * Migrate
+ *
+ * @see http://knexjs.org/#Schema
+ *
+ * @param {Object} knex
+ * @param {Promise} Promise
+ * @returns {Promise}
+ */
+exports.up = function (knex) {
+
+ logger.info(`[${migrate_name}] Migrating Up...`);
+
+ return knex.schema.alterTable('proxy_host', (table) => {
+ table.enum('ssl_key_type', ['ecdsa', 'rsa']).defaultTo('ecdsa').notNullable();
+ }).then(() => {
+ logger.info(`[${migrate_name}] Column 'ssl_key_type' added to table 'proxy_host'`);
+ });
+};
+
+/**
+ * Undo Migrate
+ *
+ * @param {Object} knex
+ * @param {Promise} Promise
+ * @returns {Promise}
+ */
+exports.down = function (knex) {
+ logger.info(`[${migrate_name}] Migrating Down...`);
+
+ return knex.schema.alterTable('proxy_host', (table) => {
+ table.dropColumn('ssl_key_type');
+ }).then(() => {
+ logger.info(`[${migrate_name}] Column 'ssl_key_type' removed from table 'proxy_host'`);
+ });
+};
diff --git a/backend/schema/components/proxy-host-object.json b/backend/schema/components/proxy-host-object.json
index 5098802b..7679d6c1 100644
--- a/backend/schema/components/proxy-host-object.json
+++ b/backend/schema/components/proxy-host-object.json
@@ -23,6 +23,7 @@
 "locations",
 "hsts_enabled",
 "hsts_subdomains",
+ "ssl_key_type",
 "certificate"
 ],
 "additionalProperties": false,
@@ -149,6 +150,11 @@
 "$ref": "./access-list-object.json"
 }
 ]
+ },
+ "ssl_key_type": {
+ "type": "string",
+ "enum": ["ecdsa", "rsa"],
+ "description": "Type of SSL key (either ecdsa or rsa)"
 }
 }
 }
diff --git a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json
index 5cab6e75..5ca18f6f 100644
--- a/backend/schema/paths/nginx/proxy-hosts/hostID/put.json
+++ b/backend/schema/paths/nginx/proxy-hosts/hostID/put.json
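Review bot: `migrate_name` is still the template placeholder `'identifier_for_migrate'`, so the four log lines in `up` and `down` will not identify this migration; `const migrate_name = 'ssl_key_type';` would match the file name. The JSDoc on both functions documents a `Promise` parameter that neither signature takes, so the two `@param {Promise} Promise` lines should be dropped. A one-line comment on `defaultTo('ecdsa')` would also help, saying that it keeps existing hosts on the `key-type = ecdsa` setting this commit removes from letsencrypt.ini.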
@@ -79,6 +79,9 @@
 },
 "locations": {
 "$ref": "../../../../components/proxy-host-object.json#/properties/locations"
+ },
+ "ssl_key_type": {
+ "$ref": "../../../../components/proxy-host-object.json#/properties/ssl_key_type"
 }
 }
 }
diff --git a/backend/schema/paths/nginx/proxy-hosts/post.json b/backend/schema/paths/nginx/proxy-hosts/post.json
index 85455fb6..24b8a410 100644
--- a/backend/schema/paths/nginx/proxy-hosts/post.json
+++ b/backend/schema/paths/nginx/proxy-hosts/post.json
@@ -67,6 +67,9 @@
 },
 "locations": {
 "$ref": "../../../components/proxy-host-object.json#/properties/locations"
+ },
+ "ssl_key_type": {
+ "$ref": "../../../components/proxy-host-object.json#/properties/ssl_key_type"
 }
 }
 }
diff --git a/docker/dev/letsencrypt.ini b/docker/dev/letsencrypt.ini
index 93647b64..0563383f 100644
--- a/docker/dev/letsencrypt.ini
+++ b/docker/dev/letsencrypt.ini
@@ -1,7 +1,6 @@
 text = True
 non-interactive = True
 webroot-path = /data/letsencrypt-acme-challenge
-key-type = ecdsa
 elliptic-curve = secp384r1
 preferred-chain = ISRG Root X1
 server =
diff --git a/docker/rootfs/etc/letsencrypt.ini b/docker/rootfs/etc/letsencrypt.ini
index aae53b90..7becd3b4 100644
--- a/docker/rootfs/etc/letsencrypt.ini
+++ b/docker/rootfs/etc/letsencrypt.ini
@@ -1,6 +1,5 @@
 text = True
 non-interactive = True
 webroot-path = /data/letsencrypt-acme-challenge
-key-type = ecdsa
 elliptic-curve = secp384r1
 preferred-chain = ISRG Root X1
diff --git a/frontend/js/app/nginx/proxy/form.ejs b/frontend/js/app/nginx/proxy/form.ejs
index 8e7a2a2d..4030bcc3 100644
--- a/frontend/js/app/nginx/proxy/form.ejs
+++ b/frontend/js/app/nginx/proxy/form.ejs
@@ -105,6 +105,15 @@
+