Change scheduled renew to use HTTP instead of TLS



OS: Ubuntu 14.04
Webserver: Apache2

I’ve setup certbot to renew a set of domains, i did this a few months ago and when i did dry runs back then everything appeared to work fine, now when domains are nearing expire i am getting issues, it appears the certbot is using “TLS” to renew the domains and not the default http which i believe it was using when i set this up.

Perhaps there has been updates to either certbot or cloudflare that changed the way this works, but using TLS no longer works for me even though i’ve set the domains to allow tls 1.0 on cloudflare.

Anyway, it still works fine using http so my question is:

How do i change the default running cronjob for certbot to use http challenge instead of tls? I’ve looked in crontab and i cannot find where the certbot is running its schedule from.

I’m thinking i need to add “–preferred-challenges http” somewhere.



found it: etc/cron.d/certbot