OpenSuSE Leap 42.3 and apache highest available Certbot Version is 0.15?


#1

Hello everyone,

I have a problem with my certbot. I also got the mail that I’d have to Update my certbot to not get in trouble with TLS-SNI-01. I followed the instructions in the “Certbot install Instructions” on certbot.eff.org to install the latest version via repository but my Zypper always tells me that I am on the highest available version with “0.15” but everywhere else I see that the most recent version is “0.30”. I checked if my repositorys are outdated but that doesn’t seem to be the case.
I now installed the package manually and because I am not so good with linux environments I have the next little problem. I ran the certbot-auto and under “./certbot-auto certificates” I see all the right certificates but what do I do now? Should I run a “zypper rm certbot” to get rid of the old certbot? How can I be for sure that I don’t have TLS-SNI-01 certificates?

Sorry for so many (stupid) questions but I actually didn’t sign up to administer webservers and certificates but my company still wants me to do it so I have to learn every step on my own…

Thanks in advance


#2

Hi @dst106

there are no TLS-SNI certificates. Tls-sni is a validation method, not saved in the certificate.

Run

./certbot-auto renew --dry-run --preferred-challenges http

to create test-certificates. If that works, you should wait and check, if your certificates are renewed.


#3

Hi @JuergenAuer ,

thanks for your reply!
I did a dry run and it worked without error. I guess I’ll have to wait and see then.

Thank you very much!


#4

Then it should work.

You can add the

--preferred-challenges http

to your renew command.