IMPORTANT: What you need to know about TLS-SNI validation issues

[Update 2019-02-11: TLS-SNI-01 is going away soon. Here’s what to do for Certbot users. TLS-SNI-03 turned into TLS-ALPN-01, which is not implemented by Certbot.]

On 2018-01-09 we got a report from Frans Rosén of Detectify that one of our three validation methods, TLS-SNI-01, could be used to get certificates for domains you don’t own, if those domains were hosted on software that allowed upload of arbitrary certificates. We immediately disabled TLS-SNI-01. Initially we thought this would be a temporary measure, but we later learned that a lot of hosting software has this issue. We’ve decided that TLS-SNI will remain disabled for most new issuances.

Renewals will continue to work with TLS-SNI, so if you only need to renew certificates, you don’t need to take any immediate action, but you should continue to keep your ACME client software up to date.

If you use Certbot in its automatic Nginx or Apache modes, you need to upgrade to version 0.21 in order to issue certificates for new domain names. If you use the certbot or letsencrypt command, you are using packages provided by your operating system vendor, which are often slow to update. If this is the case, you should probably switch to certbot-auto, which provides the latest version of Certbot on a variety of operating systems. Also note: If you block port 80 on your web server, upgrading to the latest Certbot will not fix your problem, because it switches to the HTTP-01 validation method, which uses port 80. I recommend opening port 80 and redirecting HTTP traffic to HTTPS.
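As an added example (not part of the original post), here is an Nginx configuration that implements the recommendation above for Certbot in webroot mode: port 80 stays open to answer HTTP-01 challenges, and all other plaintext traffic is redirected to HTTPS. The hostnames, the webroot directory and the certificate paths are assumptions.

```nginx
# Port 80 listener: answers HTTP-01 challenges directly and redirects
# every other plaintext request to HTTPS.
server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;   # hypothetical names

    # Serve ACME HTTP-01 tokens from a dedicated webroot (directory is an
    # assumption). Pass the same directory to Certbot, e.g.
    #   certbot certonly --webroot -w /var/www/letsencrypt -d example.com
    # Serving the challenge here instead of redirecting it means validation
    # works even before the HTTPS listener has a certificate for the name.
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/letsencrypt;
        default_type "text/plain";
        try_files $uri =404;
    }

    # Everything else goes to HTTPS.
    location / {
        return 301 https://$host$request_uri;
    }
}

# HTTPS listener using the certificate Certbot issued (Certbot's standard
# /etc/letsencrypt/live/<name>/ layout; the name itself is an assumption).
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com www.example.com;

    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    location / {
        root /var/www/html;   # application content, path is an assumption
    }
}
```

Let's Encrypt's HTTP-01 validator also follows redirects, so a plain redirect on port 80 can work once HTTPS is already configured; serving the challenge path directly avoids that dependency for first-time issuance.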

The long-term plan is to remove TLS-SNI-01 and TLS-SNI-02 (which has the same problem) from the ACME spec. The IETF ACME group is working to develop a follow-up TLS-SNI-03 validation method (aka challenge) that solves the problem. You can participate via the mailing list. It will take significant time to standardize and implement TLS-SNI-03, so you should plan on using HTTP-01 or DNS-01 in the meantime. If you have good automation for your DNS servers, DNS-01 is a good option for two reasons: it works well even when you have multiple frontend servers, and future support for wildcard issuance will require DNS-01 validation.

Relevant previous posts:
