diff --git a/roles/custom/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml
index 0830d4f41..839211e01 100644
--- a/roles/custom/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml
@@ -554,7 +554,7 @@ matrix_ssl_lets_encrypt_staging: false
 # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server
 matrix_ssl_lets_encrypt_server: ''
 
-matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.31.0"
+matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v2.0.0"
 matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
 matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
 matrix_ssl_lets_encrypt_support_email: ~
@@ -567,8 +567,8 @@ matrix_ssl_lets_encrypt_support_email: ~
 matrix_ssl_lets_encrypt_container_standalone_http_host_bind_port: '80'
 
 # Specify key type of the private key algorithm.
-# Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#using-ecdsa-keys
-matrix_ssl_lets_encrypt_key_type: rsa
+# Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#rsa-and-ecdsa-keys
+matrix_ssl_lets_encrypt_key_type: ecdsa
 
 matrix_ssl_base_path: "{{ matrix_base_data_path }}/ssl"
 matrix_ssl_config_dir_path: "{{ matrix_ssl_base_path }}/config"