Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA


#1

Error: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

I’m following the Let’s Encrypt guide but got stuck here and don’t know how to troubleshoot further. Any tips are appreciated (even simple things!)

Server:
Ubuntu 16.04.3 LTS

Provider:
Namecheap

Following guides:
Let’s Encrypt
Digital Ocean


#2

May be related to an active incident:

https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/5a55777ed9a9c1024c00b241

Could you show the command you are running and also the Certbot configuration for your domain (located in /etc/letsencrypt/renewal/*.conf)?


#3

May be the LE server failed temp!
For more information to visit: https://letsencrypt.status.io/


#4

Same problem with renew command

certbot -q renew
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
Attempting to renew cert (***) from /etc/letsencrypt/renewal/***.conf produced an unexpected error: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA… Skipping.


#5

These errors are not due to anything that you’re doing but rather due to the security incident that @_az mentioned.


#6

I just wrote some advice about working around this with Certbot here which people should hopefully find helpful.


#7

I’ve also got the same error while following the documentation


#9

so, is this issue going to be for everyone using Let’s Encrypt?


#10

Everyone using the tls-sni challenge, yes. Other challenge methods are not affected.


#11

Good evening I can not install an SSL certificate that can tell me the method to follow to install it on VPS debian 8 64Bit

Putty error message

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

thank you in advance for your help


#12

Please see the post linked below. This is due to a security issue that resulted in the disabling of the tls-sni-01 challenge type, so you will need to alter your setup to use an alternate method, either http-01 or dns-01.


#13

I just did that like writen there: https://www.tecmint.com/setup-https-with-lets-encrypt-ssl-certificate-for-nginx-on-centos/
and its all working fine for me now


#14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.