Need help: Action required: Let's Encrypt certificate renewals TLS-SNI-01 domain validation


#1

I received the message “Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in the past 60 days.”

How can I check if this issue applies to me or how to fix this?

I’m running:
Ubuntu 16.04
nginx 1.10.3
letsencrypt 0.4.1

When checking the renewal config files of a domain I noticed the following line:
standalone_supported_challenges = "tls-sni-01,http-01"

Does this mean that it is falling back to http domain validation?


#2

Hi @sander92

what’s that? That sounds extremely old. Letsencrypt is now certbot, version 28 or 30.

So first update your Certbot.


#3

You can get the latest version by following the instructions on https://certbot.eff.org/


#4

@JuergenAuer I’m not quite sure where I got that from anymore to be honest.

I installed the latest Certbot using the link provided by @jmorahan and to be sure I’m not running into problems with the soon-to-be deprecated domain validation method I just installed new SSL certificates for all my domains by using Certbot, so all should be fine now.

Thank you for your help guys!


#5

It’s the version packaged in Ubuntu 16.04. It was released in March 2016.

“letsencrypt” was renamed to Certbot in version 0.6.0 in May. :slightly_frowning_face:


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.