Can version 0.23 still be used?


#1

I got notice that my domain was renewed using TLS-SNI-01 and will stop working.

I am running on nginx. My certbot versions is 0.23 and I tried renew --dryrun but it didn’t complain. So is it ok or not?

I tried upgrading certbot but it stubbornly refuses to upgrade. I tried all of the following:

apt-get update
apt-get upgrade
apt-get dist-upgrade
certbot-auto
apt-get --with-new-pkgs upgrade
apt-get install --only-upgrade certbot

but it still stays at 0.23.


#2

Yes, for now.

What Linux distribution and version are you on?


#3

Ubuntu 18.04.2 LTS on a low-end Google CE.

I have finally managed to upgrade to 0.31 after running the following additional step before updating again:

sudo add-apt-repository ppa:certbot/certbot

Is 0.23 using TLS-SNI-01 or HTTP-01 or some other approved method?


#4

It’s great that you managed to update to 0.31.

The fact that your 0.23’s dry-run succeeded indicates it was already using HTTP-01 - if it was trying to use TLS-SNI, the dry-run would have failed. Certbot has always been capable of using HTTP-01, it’s just that the default was TLS-SNI, for quite some time.