Action is required to prevent your Let’s Encrypt certificate renewals from breaking.
Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in the past 60 days.
"TLS-SNI-01 validation is reaching end-of-life and will stop working on February 13th, 2019.
You need to update your ACME client to use an alternative validation method (HTTP-01, DNS-01 or TLS-ALPN-01) before this date or your certificate renewals will break and existing certificates will start to expire.
If you need help updating your ACME client, please open a new topic in the Help category of the Let’s Encrypt community forum:
"
My domain is: https://geometricfigure.com
I ran this command: na
It produced this output: na
My web server is (include version): nginx 8
The operating system my web server runs on is (include version): Ubuntu 16.04
My hosting provider, if applicable, is: Digital Ocean
I can login to a root shell on my machine (yes or no, or I don’t know): yes!
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
Thank you so much for the response.
I found /etc/letsencrypt/renewal/geometricfigure.conf and the cli.conf right above it. I added :
preferred-challenges = http
to it.
when I ran letsencrypt, I got :
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/geometricfigure.com-0001/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/geometricfigure.com-0001/privkey.pem
Your cert will expire on 2019-04-18. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the “certonly” option. To non-interactively renew all of
your certificates, run “certbot renew”
when I run certbot renew , I get:
The following certs are not due for renewal yet:
/etc/letsencrypt/live/geometricfigure.com-0001/fullchain.pem (skipped)
/etc/letsencrypt/live/vertexmatrix.com/fullchain.pem (skipped)
/etc/letsencrypt/live/geometricfigure.com/fullchain.pem (skipped)
No renewals were attempted.
Wow, thats a bunch of info!
I don’t know how to create one certificate with two domain names, so I just ran letsencrypt on all of the www and regular domains. It says it worked, but I don’t have the tool that you used to check all of those things.
Thanks for your help!