How to stop using TLS-SNI-01 with Certbot / Ubuntu / Nginx

Environment:

Step 1: Update Certbot to latest version

sudo apt-get update && sudo apt-get install certbot python-certbot-nginx -y

1	sudo apt-get update && sudo apt-get install certbot python-certbot-nginx -y

Confirm version is 0.28 or higher:

certbot --version || /path/to/certbot-auto --version

1	certbot --version \|\| /path/to/certbot-auto --version

Step 2: Follow the guide
Remove any explicit references to tls-sni-01 in your renewal configuration

sudo sh -c "sed -i.bak -e 's/^\(pref_challs.*\)tls-sni-01\(.*\)/\1http-01\2/g' /etc/letsencrypt/renewal/*; rm -f /etc/letsencrypt/renewal/*.bak"

1	sudo sh -c "sed -i.bak -e 's/^\(pref_challs.\)tls-sni-01\(.\)/\1http-01\2/g' /etc/letsencrypt/renewal/; rm -f /etc/letsencrypt/renewal/.bak"

Do a full renewal dry run:

sudo certbot renew --dry-run

1	sudo certbot renew --dry-run

Do or Do not. There is no Try. (Yoda master)