Failed authorization procedure usign the client

The following command throws this error:

./letsencrypt-auto certonly --standalone -d
Checking for new version…
Requesting root privileges to run letsencrypt…
sudo /home/pi/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade certonly --standalone -d
Failed authorization procedure. (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge. Found ‘


  • The following errors were reported by the server:

    Type: unauthorized
    Detail: Correct zName not found for TLS SNI challenge. Found

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address.

when I have seen this issue, I have checked my A records to find that some servers were down. I removed their IPs from the domain and the zName error was fixed

Hello @running,

I suppose this issue could be related to a change in your dynamic public ip and an error or slowness propagation to dyndns dns servers. I suppose that because you didn’t do a good job masquerading your real domain and I can see that you issued a valid cert for your domain yesterday 17th February ;).


Hi Sahsanu,

Sort of yes no, yes I was able to get a new certificate through the manual procedure

run only once per server:

$(command -v python2 || command -v python2.7 || command -v python2.6) -c
“import BaseHTTPServer, SimpleHTTPServer;
s = BaseHTTPServer.HTTPServer((’’, 80), SimpleHTTPServer.SimpleHTTPRequestHandler);

letsencrypt-auto certonly --manual

I wonder if my setup is causing the trouble, I have two raspberrypi’s both running a web server one Apache the other Nginx. The apache one uses port 1954 for https and nginx the standard port. I try to generate the certificates on the machine running Apache. It first tells me to stop the webserver and then throws the error as in the original mail