diff --git a/api/certificate/issue.go b/api/certificate/issue.go
index e8e532e0..2251191a 100644
--- a/api/certificate/issue.go
+++ b/api/certificate/issue.go
@@ -123,6 +123,8 @@ func IssueCert(c *gin.Context) {
 		SSLCertificateKeyPath: sslCertificateKeyPath,
 		AutoCert:              model.AutoCertEnabled,
 		KeyType:               payload.KeyType,
+		ChallengeMethod:       payload.ChallengeMethod,
+		DnsCredentialID:       payload.DNSCredentialID,
 	})
 
 	if err != nil {
diff --git a/app/src/views/certificate/WildcardCertificate.vue b/app/src/views/certificate/WildcardCertificate.vue
index bab1ddfa..8ec23610 100644
--- a/app/src/views/certificate/WildcardCertificate.vue
+++ b/app/src/views/certificate/WildcardCertificate.vue
@@ -23,6 +23,7 @@ function open() {
   step.value = 0
   data.value = {
     challenge_method: 'dns01',
+    key_type: '2048',
   } as Cert
 }
 
@@ -45,12 +46,39 @@ const issueCert = () => {
   modalVisible.value = true
 
   refObtainCertLive.value.issue_cert(computedDomain.value,
-    [computedDomain.value, domain.value])
+    [computedDomain.value, domain.value], data.value.key_type)
     .then(() => {
       message.success($gettext('Renew successfully'))
       emit('issued')
     })
 }
+
+const keyType = shallowRef([
+  {
+    key: '2048',
+    name: 'RSA2048',
+  },
+  {
+    key: '3072',
+    name: 'RSA3072',
+  },
+  {
+    key: '4096',
+    name: 'RSA4096',
+  },
+  {
+    key: '8192',
+    name: 'RAS8192',
+  },
+  {
+    key: 'P256',
+    name: 'EC256',
+  },
+  {
+    key: 'P384',
+    name: 'EC384',
+  },
+])
 </script>
 
 <template>
@@ -75,6 +103,18 @@ const issueCert = () => {
               addon-before="*."
             />
           </AFormItem>
+
+          <AFormItem :label="$gettext('Key Type')">
+            <ASelect v-model:value="data.key_type">
+              <ASelectOption
+                v-for="t in keyType"
+                :key="t.key"
+                :value="t.key"
+              >
+                {{ t.name }}
+              </ASelectOption>
+            </ASelect>
+          </AFormItem>
         </AForm>
         <div
           v-if="step === 0"
diff --git a/app/src/views/domain/cert/components/AutoCertStepOne.vue b/app/src/views/domain/cert/components/AutoCertStepOne.vue
index 89461fc4..0219a9b5 100644
--- a/app/src/views/domain/cert/components/AutoCertStepOne.vue
+++ b/app/src/views/domain/cert/components/AutoCertStepOne.vue
@@ -44,8 +44,8 @@ const keyType = shallowRef([
 ])
 
 onMounted(() => {
-  if (data.value.key_type === '')
-    data.value.key_type = 'RSA2048'
+  if (!data.value.key_type)
+    data.value.key_type = '2048'
 })
 </script>
 
diff --git a/internal/validation/key_type.go b/internal/validation/key_type.go
index 74e956ae..60fbe475 100644
--- a/internal/validation/key_type.go
+++ b/internal/validation/key_type.go
@@ -7,7 +7,7 @@ import (
 
 func autoCertKeyType(fl val.FieldLevel) bool {
 	switch certcrypto.KeyType(fl.Field().String()) {
-	case certcrypto.RSA2048, certcrypto.RSA3072, certcrypto.RSA4096,
+	case "", certcrypto.RSA2048, certcrypto.RSA3072, certcrypto.RSA4096,
 		certcrypto.EC256, certcrypto.EC384:
 		return true
 	}