How to update ACME client for Letsencrypt new validation method?
Hello! We received the following email from Let's Encrypt. Can you help us in updating our ACME client. We are using following command to renew certificates:
/opt/letsencrypt/letsencrypt-auto certonly --renew-by-default --webroot -w /var/www/html/example.com/ -d example.com -d www.example.com
Action is required to prevent your Let's Encrypt certificate renewals from breaking.
Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in the past 60 days.
TLS-SNI-01 validation is reaching end-of-life and will stop working on February 13th, 2019.
You need to update your ACME client to use an alternative validation method (HTTP-01, DNS-01 or TLS-ALPN-01) before this date or your certificate renewals will break and existing certificates will start to expire.
1 Reply
Did you install based on this document? There's an updated version of the document recommending using Certbot
https://www.linode.com/docs/security/ssl/install-lets-encrypt-to-create-ssl-certificates/
You also might just need to get the latest update of the library
cd /opt/letsencrypt
git pull