How to stop using TLS-SNI-01 with Certbot / Ubuntu / Nginx
Source: https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210
Environment:
- Ubuntu 16.04
- Nginx
Step 1: Update Certbot to latest version
sudo apt-get update && sudo apt-get install certbot python-certbot-nginx -y
Confirm version is 0.28 or higher:
certbot --version || /path/to/certbot-auto --version
Step 2: Follow the guide
Remove any explicit references to tls-sni-01 in your renewal configuration
sudo sh -c "sed -i.bak -e 's/^\(pref_challs.*\)tls-sni-01\(.*\)/\1http-01\2/g' /etc/letsencrypt/renewal/*; rm -f /etc/letsencrypt/renewal/*.bak"
Do a full renewal dry run: sudo certbot renew --dry-run
Origin post at https://archive.camratus.com/2019/03/06/how-to-stop-using-tls-sni-01-with-certbot-ubuntu-nginx/ (2019-03-06)