diff --git a/account.go b/account.go
index f3cb755..3d7bdd7 100644
--- a/account.go
+++ b/account.go
@@ -21,6 +21,7 @@ import (
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
+	"crypto/rsa"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -76,7 +77,7 @@ func (*ACMEIssuer) newAccount(email string) (acme.Account, error) {
 	if email != "" {
 		acct.Contact = []string{"mailto:" + email} // TODO: should we abstract the contact scheme?
 	}
-	privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	privateKey, err := rsa.GenerateKey(rand.Reader, 4096)
 	if err != nil {
 		return acct, fmt.Errorf("generating private key: %v", err)
 	}