Tls-sni-01 or tls-sni-02 to support now?


I just found the in the spec is tls-sni-02 .

But the Letsencrypt server responses tls-sni-01 to me?

Does it mean that LetsEncrypt will soon update to support tls-sni-02 ?

What is the timeline ?

And where to find the tls-sni-01 spec ?



Boulder currently implements the acme-01 draft, which only has TLS-SNI-01.

I think the plan is to keep on acme-01 to preserve backwards compatibility, and run future versions of acme on something like once the changes are implemented.


Thanks for your answer.
Got it.


@Neilpang, congratulations on News! now supports tls-sni-01 validation!!


Hi, @schoen



A post was split to a new topic: Concerns about tls-sni-01


Hi @pfg

Any updates on this?

Are there any advantages of TLS-SNI-02 over TLS-SIN-01