TLS SNI 01 authentication removed, must upgrade to 0.21.0 to renew

Bug #1745227 reported by Ray Foss on 2018-01-24
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
python-certbot (Ubuntu)
High
Unassigned
Xenial
High
Unassigned
Artful
High
Unassigned

Bug Description

https://github.com/certbot/certbot/issues/5405#issuecomment-358524100

TLS-SNI-01 had a CA security issue in shared hosts, as such the letsencrypt CA blocked the auth method. The update is in 0.21.0, until it's pushed out renewing will be more difficult as you'll need to configure webroot renewals.

This affects all current and future versions. I'm in 14.04.5 LTS
I'm on certbot 0.19.0, 20.0-3 is available in The Bionic Beaver

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in python-certbot (Ubuntu):
status: New → Confirmed
Jeremy Bicha (jbicha) on 2018-03-25
Changed in python-certbot (Ubuntu):
importance: Undecided → High
status: Confirmed → Fix Released
Changed in python-certbot (Ubuntu Xenial):
importance: Undecided → High
status: New → Triaged
Changed in python-certbot (Ubuntu Artful):
importance: Undecided → High
status: New → Triaged
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers