I’m using the latest Certbot with the Apache plugin, and judging from all the activity on the forum right now I think there are a lot of others in the same situation.
Here is what resolved the matter for me:
- In your
preferred-challenges = http.
- Test first with the command
certbot renew --force-renewal --dry-run.
- If no errors, run
certbot renew --force-renewal.
This is tested and working on Ubuntu Server 16.04 and 18.04, which is a pretty typical use-case. I have the cronjob
@daily /usr/bin/certbot renew --quiet (I think this is also pretty typical) and must have missed the earlier warnings about TLS-SNI-01 deprecation.
Hope this helps and thanks to the forum mods, who are probably very busy right now with all the new posts! If you test this method with different plugins and it works, please post a reply so others can find what works easily.