Need help: Action required: Let's Encrypt certificate renewals TLS-SNI-01 domain validation

I received the message “Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in the past 60 days.”

How can I check if this issue applies to me or how to fix this?

I’m running:
Ubuntu 16.04
nginx 1.10.3
letsencrypt 0.4.1

When checking the renewal config files of a domain I noticed the following line:
standalone_supported_challenges = "tls-sni-01,http-01"

Does this mean that it is falling back to http domain validation?

Hi @sander92

what's that? That sounds extremely old. Letsencrypt is now certbot, version 28 or 30.

So first update your Certbot.

1 Like

You can get the latest version by following the instructions on

1 Like

@JuergenAuer I’m not quite sure where I got that from anymore to be honest.

I installed the latest Certbot using the link provided by @jmorahan and to be sure I’m not running into problems with the soon-to-be deprecated domain validation method I just installed new SSL certificates for all my domains by using Certbot, so all should be fine now.

Thank you for your help guys!

It's the version packaged in Ubuntu 16.04. It was released in March 2016.

"letsencrypt" was renamed to Certbot in version 0.6.0 in May. :slightly_frowning_face:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.