Error when renewing certificate

Hi everybody,

Like my tittle says, I have a problem renew my certificate.

using this command

sudo ./certbot-auto renew -v --debug

Always returns a error like this :

 Domain: jira.x.com
   Type:   unauthorized
   Detail: Incorrect validation certificate for tls-sni-01 challenge.
   Requested
   a58cacec9c879052cf8f609e26f86f22.839cc1b791385c60d49519fca5bbead1.acme.invalid
   from 34.x.y.z:443. Received 1 certificate(s), first
   certificate had names "jira.x.com"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

I check the DNS A records and it’s point to the IP mentioned in the error.

obtening certificate from certbot-auto certificates returns

Found the following certs:
  Certificate Name: jira.x.com
    Domains: jira.x.com
    Expiry Date: 2018-04-19 13:55:19+00:00 (VALID: 19 days)
    Certificate Path: /etc/letsencrypt/live/jira.x.com/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/jira.x.com/privkey.pem

As new to certificate world , I’m wondering where should I check to correct this problem?

Hi,

Since TLS-SNI is not available to new issuerance and would cause trouble (the method you are using)

I suggest to use http or DNS validation.
Just issue a new cert instead of using renew (you should be able to still renew normally using tls-sni, however I have no clue how to debug it or force the renew to use other validation)

Thank you

Thanks!

Just found the issue for this situation this morning… and avoid one silly question

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.