diff --git a/gimmecert/cli.py b/gimmecert/cli.py
index 483d11dced41929312891326902c2727044331ea..b31ca8c3d1c74efcdb9d5c3281f65a92065c9e0c 100644
--- a/gimmecert/cli.py
+++ b/gimmecert/cli.py
@@ -145,11 +145,14 @@ def setup_server_subcommand_parser(parser, subparsers):
     subparser.add_argument('dns_name', nargs='*', help='Additional DNS names to include in subject alternative name.')
     subparser.add_argument('--csr', '-c', type=str, default=None, help='''Do not generate server private key locally, and use the passed-in \
     certificate signing request (CSR) instead. Use dash (-) to read from standard input. Only the public key is taken from the CSR.''')
+    subparser.add_argument('--key-specification', '-k', type=key_specification,
+                           help='''Specification/parameters to use for private key generation. \
+    For RSA keys, use format rsa:BIT_LENGTH. Default is to use same algorithm/parameters as used by CA hierarchy.''', default=None)
 
     def server_wrapper(args):
         project_directory = os.getcwd()
 
-        return server(sys.stdout, sys.stderr, project_directory, args.entity_name, args.dns_name, args.csr)
+        return server(sys.stdout, sys.stderr, project_directory, args.entity_name, args.dns_name, args.csr, args.key_specification)
 
     subparser.set_defaults(func=server_wrapper)