Source: https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210
Environment:
- Ubuntu 16.04
- Nginx
Step 1: Update Certbot to latest version
1 |
sudo apt-get update && sudo apt-get install certbot python-certbot-nginx -y |
Confirm version is 0.28 or higher:
1 |
certbot --version || /path/to/certbot-auto --version |

Step 2: Follow the guide
Remove any explicit references to tls-sni-01 in your renewal configuration
1 |
sudo sh -c "sed -i.bak -e 's/^\(pref_challs.*\)tls-sni-01\(.*\)/\1http-01\2/g' /etc/letsencrypt/renewal/*; rm -f /etc/letsencrypt/renewal/*.bak" |
Do a full renewal dry run:
1 |
sudo certbot renew --dry-run |
