It looks like it may not be fixed in time. There is a workaround that has worked nicely for me. The announcement for Let's Encrypt mentions this: https://community.letsencrypt.org/t/important-what-you-need-to-know-about-tls-sni-validation-issues/50811
They suggest "If you use the certbot or letsencrypt command, you are using packages provided by your operating system vendor, which are often slow to update. If this is the case, you should probably switch to certbot-auto". Here is how to switch to certbot-auto: https://certbot.eff.org/lets-encrypt/pip-apache For me, I had to add their PPA, install certbot, and then it recognised all my existing certificates that had been created via the letsencrypt command. You can test this by running sudo certbot renew --dry-run That will simulate doing a renew for your current certificates, so you should see everything coming through. It automatically adds a cron job or systemd timer to renew certificates that are expiring soon. This article was use in confirming the job for me because I couldn't see the Cron job (as had been suggested in the documentation): https://stackoverflow.com/questions/48443791/certbot-where-is-packaged-automatic-renewal-cron-job If you had a cron job set for the letsencrypt command, remember to comment it out. The other benefit is that this should be kept more up to date. Hope this helps. Hope this helps. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1745126 Title: Let's Encrypt has permanently disabled TLS-SNI challenge. Package not compatible any more with LE To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-letsencrypt/+bug/1745126/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
