Hello,
I just received the mail about TLS-SNI-01 end of life.
I use Let’s Encrypt on Plesk servers; Plesk knowledge base says they never used TLS-SNI-01: https://talk.plesk.com/threads/lets-encrypt-issue-with-tls-sni-01.346524/
At this point I’m really confused… I have lots of server and lots of domains; is there any way to know which domains the mail refers to?
Thanks in advance.
Hi @letsdebug
if you don't use tls-sni-01 - validation, ignore the mail.
http-01 / dns-01 works.
gmx
January 18, 2019, 11:01am
3
We received the same email but I honestly am not sure whether we’ve ever used TLS-SNI-01 or not. We use certbot on CentOS 7 - what is the default method of auth please?
Thanks
That depends on your certbot version (old: tls-sni was standard) and your config.
Check your config / renew files. “standalone” and “tls-sni” is critical.
gmx
January 18, 2019, 12:36pm
5
So presumably the version in the RHEL7 repos is up to date? In which case presumably I can just update certbot from there?
_az
January 18, 2019, 12:38pm
6
gmx:
RHEL7
To get up-to-date Certbot on EL7 and its derivatives, you need to install it from EPEL, as shown here: https://certbot.eff.org/lets-encrypt/centosrhel7-other
The RHEL repos themselves may sport a non-current version.
What’s important to you is for Certbot to be 0.28 or higher:
certbot --version
system
Closed
February 17, 2019, 12:38pm
7
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.