Programmatic Aspects of Passing TLS-SNI Challenge


Hi All

@schoen @Neilpang hoping you can clarify this from Certbot and client point of view

From reviewing the spec to pass the challenge the following I believe the following needs to be done

A) Create one Self Signed Certificate with two SAN names
B) Create SAN A as per spec
C) Create SAN B as per spec
D) Create an additional SNI Binding (or VHOST or SERVER) for SAN A (leave original Domain Binding Alone)

@schoen can you point me in the direction of where the python code in Certbot to actually construct the self signed cert? Is it in the certbot-apache folder? I have had a look but haven’t had much luck.

Also the code that deals with adding the extra VHOST would be useful.

Is my overall understanding of the process correct?


I have had a look at your code - i understand you create the cert as part of the _starttlsserver call. My question is why is the SAN_A code below commented out? Is it not needed or am I missing something?

elif [ “$vtype” = “$VTYPE_TLS” ]; then
#create A
#_hash_A="$(printf “%s” $token | _digest “sha256” “hex” )"
#_debug2 _hash_A “$_hash_A”
#_x="$(echo $_hash_A | cut -c 1-32)"
#_debug2 _x “$_x”
#_y="$(echo $_hash_A | cut -c 33-64)"
#_debug2 _y “$_y”
#_debug2 _SAN_A “$_SAN_A”

  #create B
  _hash_B="$(printf "%s" "$keyauthorization" | _digest "sha256" "hex")"
  _debug2 _hash_B "$_hash_B"
  _x="$(echo "$_hash_B" | cut -c 1-32)"
  _debug2 _x "$_x"
  _y="$(echo "$_hash_B" | cut -c 33-64)"
  _debug2 _y "$_y"
  _debug2 _SAN_B "$_SAN_B"
  _ncaddr="$(_getfield "$_local_addr" "$_ncIndex")"
  _ncIndex="$(_math "$_ncIndex" + 1)"
  if ! _starttlsserver "$_SAN_B" "$_SAN_A" "$Le_TLSPort" "$keyauthorization" "$_ncaddr"; then
    _err "Start tls server error."
    _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
    _on_issue_err "$_post_hook" "$vlist"
    return 1



Certbot Manual Option to Inclue TLS-SNI SAN B

SAN_A is only needed in tls-02.

The current version is tls-01, so I commented out it.


tls-01 is much too simple than tls-02.


Hi @Neilpang

Sorry to ask another silly question so SAN-B goes into the SNI then as well or is the SNI not needed?



Answered my own question :

Section 7.3.

Boulder implements tls-sni-01 from draft-ietf-acme-01 Section 7.3 instead of the tls-sni-02 validation method.

Relevant Draft:



SNI can not be used in this case.

We don’t know what servername in the ssl sni header is. The ACME document doesn’t specify it.

That means, the boulder server may send ssl request with random servername in sni field.


One update: As of c71c3cf Boulder implements both tls-sni-01 and tls-sni-02 challenge validation, but presently Let’s Encrypt staging & production instances of Boulder do not have it enabled.


Certbot only implements TLS-SNI-01 but the self-signed cert is constructed starting at

but the actual ability to construct the response is way down at


thank you muchly @schoen


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.