http://bugzilla.opensuse.org/show_bug.cgi?id=1123345 Bug ID: 1123345 Summary: Certbot does not seem ready for TLS-SNI-01 reaching end-of-life Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: x86-64 OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other Assignee: bnc-team-screening@forge.provo.novell.com Reporter: jwagner@computing.dcu.ie QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Leap 15.0 comes with certbot 0.24.0, which is not ready for TLS-SNI-01 validation reaching end-of-life in 2019Q1 according to https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbo... Package version suffix and zypper log/history does not suggest that functionality has been backported recently and I received a warning e-mail yesterday that I used ACME TLS-SNI-01 domain validation on 2019-01-19 (subject line "Action required: Let's Encrypt certificate renewals"). I use `certbot --apache certonly` for a single virtual domain and call `/usr/bin/certbot renew --quiet` weekly via crontab. Briefly scanning the certbot log for "sni", tls-sni-01 seems to have been used for the renewal on 2019-01-19. -- You are receiving this mail because: You are on the CC list for the bug.