I have been using python-certbot-nginx on my digital ocean droplet for several months.
I received an e-mail saying I needed to take action as certbot will no longer be supporting ACME TLS-SNI-01 domain validation.
Looking at this forum it looks like I need to upgrade to certbot 0.28 but when I go through the installation steps I am told that certbot is already at it’s newest version (0.25.0-2+ubuntu17.10.1+certbot+1).
Looking at the ppa, there doesn’t seem to be a version of python-certbot-nginx for ubuntu 17.
Do I need to upgrade to ubuntu 18 to complete the process or will there be a release of certbot for ubuntu 17 before February 13th when the changes come into effect?
Odd-numbered Ubuntu releases have very short lifetimes - https://www.ubuntu.com/about/release-cycle. Ubuntu 17.10 is already EOL, so the Certbot team wouldn’t issue new releases for it.
While you urgently need to upgrade Ubuntu for other reasons, you can continue to use Certbot 0.25.0 (unless you run into bugs). While it uses TLS-SNI-01 validation by default, it supports HTTP-01 as well as more recent versions.
You can use this command to test how things will go:
If you really need to upgrade Certbot, you can use certbot-auto instead. But that's a small hassle (mainly you need to fix a systemd timer to use it) and IMO you should prioritize other things if possible.