Certificate renew on old Debian OS

roshan · March 4, 2020, 1:16pm

We are using LetsEncrypt SSL certificates for our webservers.
Currently our LetsEncrypt SSL certificates are valid till 31/05/2020.
We were informed by our server support team that since the servers we are using is running on Debian OS “Stretch” (9.6) we will have to be upgraded to latest Debian OS before Jun 2020 otherwise LetsEncrypt will not work after June 2020.

Can you please confirm that this is true. ?
Do we really need to upgrade to Debian 10 in order to continue use LetsEncrypt or will LE continue to work as now in Debian 9.6 ?

Marcovl · March 4, 2020, 4:14pm

Probably related to End of Life Plan for ACMEv1
If your Let’s Encrypt client only supports ACME v1 and not v2, if I read it correctly, it won’t be able to issues certificates for new hostnames from June onwards.

ndilieto · March 4, 2020, 5:51pm

I have an old debian server still running Debian 8 and it’s happily working with the lightweight client I wrote: https://github.com/ndilieto/uacme

You will have to compile from source but it’s not difficult.

JuergenAuer · March 4, 2020, 6:42pm

Hi @roshan

that's not an OS problem. Your OS is not really relevant. Your client is relevant.

So if you use a client that supports ACME-v2 and works on your OS, all is ok.

So: What's your client? Is ACME v2 used?

system · April 3, 2020, 6:42pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
CERTBOT and ACMEV2 upgrade Help	5	1827	March 6, 2020
Debian jessie Certbot still using AcmeV1 (CertbotACMEClient/1.3.0)? Help	5	2264	June 14, 2020
Recent email form Letsencypt Help	3	814	February 17, 2019
[Debian 9 / Certbot 0.28.0] Update your client software to continue using Let's Encrypt Help	9	2992	April 10, 2020
How to update Letsencrypt ACME client for new validation method? Help	3	1230	March 7, 2019

Certificate renew on old Debian OS

Related topics