I am trying to figure out if I am ok regarding TLS-SNI-01 deprecation?
When I run certbot --dry-run things work good and it says "http-01 challenge for xxx".
However, when I run certbot --renew I see:
tls-sni-01 challenge for xxxx
TLS-SNI-01 is deprecated, and will stop working soon
Is this expected?
Hi @fsa317
if your certificate is max. 30 days old, run
certbot --renew --preferred-challenges http
The test system doesn't support tls-sni, the productive system does it (will stop 2019-03-~~).
Depending on your version of Certbot, this may be expected. The fact that the --dry-run succeeds is a good sign and indicates that the ordinary renewal should work after the deprecation, although you can also try what @JuergenAuer suggests.