Let's Encrypt: certbot version less than recommended by LE?

  • Hi folks,


    I recently received the following email from Let's Encrypt, about one of my servers not managed by i-MSCP:


    The linked article about certbot very strongly suggests that the minimum certbot version should be at least 0.28.0, and the latest version of certbot is in fact 0.30.2.
    However, the version installed by the Let's Encrypt plugin is 0.26.1.


    I realize that i-MSCP already uses the http-01 challenge, so the tls-sni-01 deprecation does not affect my i-MSCP server in that way. But I wanted to ask if it would make sense to update certbot to the newest version manually, or if maybe a new version of the LE plugin that includes the latest certbot is on the horizon anyway.


    Thanks in advance for your help. :)

  • yap a friend of mine bought the plugin 2 weeks ago too and we installed it and got certs. one day later we got the same email as the rcrave.

    pls update this plugin to use the latest certbot or we will not be able to get new certs starting from feb 13. 2019. 5 days to go...

    thank you

  • yap a friend of mine bought the plugin 2 weeks ago too and we installed it and got certs. one day later we got the same email as the rcrave.

    pls update this plugin to use the latest certbot or we will not be able to get new certs starting from feb 13. 2019. 5 days to go...

    thank you

    You should really refrain yourself when you start talking something that you don't understand... The message you did received doesn't say that your certificates won't be issued/renewed cause of the old version of Certbot that you're using. That message simply state that the TLS-SNI-01 validation method will stop working. The fact is that the plugin doesn't use (and never has used) that validation method. The plugin make use of the HTTP-01 validation method.


    If you received that message, that is either because you issued SSL certificates manually, using the TLS-SNI-01 validation method, either because the message is a generic one sent to all people using a Certbot version supporting the TLS-SNI-01 validation method. Certbot will be updated in next plugin version anyway. In any case, this doesn't cause any problem.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Nuxwin

    Closed the thread.