I tried to add a domain to a certificate, and certbot-auto (v 0.23) keeps trying to use TLS-01 as the auth method with
I have been able to overcome this by specifying
--preferred-challenge=http-01, but I’d like to know how/why this is happening, because something seems broken on my end.
The cert being expanded - and everything else - in /etc/letsencrypt/renewal shows
pref_challs = http-01,. I can’t find any option/setting/config in
/opt/eff.org that notes TLS-01. (The expanding cert was updated twice with a HTTP-01 too). There are no environment vars that suggest TLS-01 either.