How to update Letsencrypt ACME client for new validation method?


Hello! We received the following email from Let’s Encrypt.

**Action is required to prevent your Let's Encrypt certificate renewals from breaking.**

Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in the past 60 days.

TLS-SNI-01 validation is reaching end-of-life and will stop working on  **February 13th, 2019.**

You need to update your ACME client to use an alternative validation method (HTTP-01, DNS-01 or TLS-ALPN-01) before this date or your certificate renewals will break and existing certificates will start to expire.

We are using CentOS 6/apache/Linode_VPS/single domain running on VPS and manually edited the vhost file.
Can you help us in updating our ACME client. We are using following command to renew certificates:

/opt/letsencrypt/letsencrypt-auto certonly --renew-by-default --webroot -w /var/www/html/ -d -d

Below command gives me certbot: command not found

certbot --version



Your version of certbot is /opt/letsencrypt/letsencrypt-auto .

The fact that you are:

  1. Using certbot-auto/letsencrypt-auto (which auto-updates itself)
  2. Using the webroot challenge

means that you do not need to take any action as suggested by the email.

Verify that everything works with:

/opt/letsencrypt/letsencrypt-auto renew --dry-run
/opt/letsencrypt/letsencrypt-auto --version


What does “/opt/letsencrypt/letsencrypt-auto certificates” show?

closed #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.