Issue upgrading certbot from 0.10.2


#1

Hello,

i received the ’ Action required: Let’s Encrypt certificate renewals’ email saying that ‘Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue
a certificate in the past 60 days.’

I am trying to upgrade from an old certbot 0.10.2 to the latest version, but nothing I have tried works without giving errors.

I’m on Debian Jessie running Apache.

I have run apt-get upgrade and apt-get update, but cretbot has not been updated from 0.10.2

I’ve looked at https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210 but I have an error running: certbot renew --dry-run which gives me Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. which, from reading, means that I need to update certbot, but I’ve not been able to.

Is my only option to remove certbot and install certbot-auto as mentioned here: https://certbot.eff.org/lets-encrypt/debianjessie-apache ?

Not sure how to proceed.

Thanks.


#2

0.10.2 is currently the least old version available in apt on Jessie.

https://packages.debian.org/search?keywords=certbot

To upgrade, you would have to use Certbot auto – and fix Certbot’s cron job / systemd timer.

You can also make 0.10.2 work by configuring it to use the webroot plugin to validate.