How to determine for which certificate I am using TLS-SNI-01 validation


My domain is:multiple domains, among,

I received an email, that one of my Let’s Encrypt clients has used in the past 60 days the TLS-SNI-01 validation.

As I am using multiple certificates, and thought I checked all and couldn’t find the culprit, is there a way to determine which one is using the TLS-SNI-01 validation, which reaches end-of-live on February 13th?


At the moment, the only way to identify this would be to update your Certbot clients to at least 0.28, and then:

certbot renew --dry-run

If you are using TLS-SNI in that instance, it will complain/warn you about it.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.