diff --git a/cm.sh b/cm.sh
index f342e4ab02774f74daa936c754d75f8d99a70b9c..ac05a353f2426ee3ce0ce6a7de2b3f96db2025d4 100755
--- a/cm.sh
+++ b/cm.sh
@@ -35,6 +35,7 @@
 # 2022-05-19  <axel.hahn@iml.unibe.ch>  add timer and debug.log
 # 2022-05-20  <axel.hahn@iml.unibe.ch>  update _wait_4_free_slot and data in debug.log
 # 2023-02-01  <axel.hahn@unibe.ch>      skip function _fixKeyfile with former workaround
+# 2023-05-08  <axel.hahn@unibe.ch>      fix: "key and cert do not match"
 # ======================================================================
 
 
@@ -467,6 +468,9 @@ function public_add(){
 		fi
 	done
 
+	# 2023-05-08: Specifies the domain key length
+	_params+="--keylength 2048 "
+
 	_wd "--- create output dir $dircerts"
 	mkdir -p "${CM_dircerts}" 2>/dev/null
 
diff --git a/readme.md b/readme.md
index 731421a1441b1daf070c107872a30016797b09f1..5531e6221ba79eec8259057a6cd398bd0faf08d2 100644
--- a/readme.md
+++ b/readme.md
@@ -3,7 +3,6 @@
 Wrapper for **acme.sh** to create Let's Encrypt certificates using DNS authentication.
 It was written to create/ renew all needed certificates at a central system to deploy it from there (Ansible, Puppet, ...).
 
-source: <https://git-repo.iml.unibe.ch/iml-open-source/iml-certman>
-license: GNU GPL 3.0 <http://www.gnu.org/licenses/gpl-3.0.html>
-
-See [docs](docs/)
+📄 Source: <https://git-repo.iml.unibe.ch/iml-open-source/iml-certman> \
+📜 License: GNU GPL 3.0 \
+📗 You can read the docs online: <https://os-docs.iml.unibe.ch/iml-certman/> or have a look to the [docs](docs/) subdirectory.