We believe we’ve completed our upgrade to an ACME2 client, however we want a surefire guaranteed way to confirm that we’re not still accidentally using ACME1 under the hood.
After the upgrade, our new certbot version is…
$ certbot --version certbot 0.31.0
We’ve already successfully created and installed certs with the new client. How can we confirm beyond the shadow of any doubt that we’re using ACME2 under the hood, not ACME1, and that we won’t be surprised and S.O.L. come June 1st?
There must be some quick command to check. I used the
-v toggle and saw lines like the following:
Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
So, I’m fairly confident we’re good to go, but I want absolute confidence.
Some of the usual info asked…
I ran this command:
certbot certonly --webroot --csr /path/to/my.csr -w /path/to/my/webroot -d domain1 -d domain2 (etc etc)
It produced this output:
the usual successful message about a successful cert
The operating system my web server runs on is (include version):
I can login to a root shell on my machine (yes or no, or I don’t know):