On my Leap 15.0 system with certbot 0.24.0 (I did not manually switch to python2-certbot as suggested in some comments here), my weekly certbot cronjob renewed my cert on 2019-03-23 without errors. That's after the announced TLS-SNI-01 end-of-life. Reading on https://community.letsencrypt.org/t/tls-sni-01-validation-is-reaching-end-of-life/82970/4 > Certbot 0.23.0 is new enough that it supports HTTP validation, but old > enough that it will continue to use TLS-SNI validation by default until > Let���s Encrypt disables it. I guess that certbot 0.24.0 automatically switched from using TLS-SNI to some other method when TLS-SNI was no longer accepted by the cert server. This would mean that previous information from the https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210 0.24.0 being too old was wrong and we are fine to keep certbot 0.24.0 (until some other problem emerges). Right?