Verifying current version uses the v1 endpoint:
$ sudo certbot run
...
In bionic, for some reason (debug level?) the acme url is not shown in the normal output, so I checked the log at /var/log/letsencrypt/letsencrypt.log and there it was, v1 was used:
2019-10-25 21:15:35,657:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Now let's update to the packages in proposed:
*** 0.27.0-1~ubuntu18.04.1 500
500 http://us.archive.ubuntu.com/ubuntu bionic-proposed/universe amd64 Packages
And run again:
$ sudo certbot run
(...)
This time the log shows v2 was used:
2019-10-25 21:22:33,050:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Testing fake renew also uses v02 and works:
$ sudo certbot --dry-run renew
(...)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/certbot-test.justgohome.co.uk/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
(...)
bionic verification
Verifying current version uses the v1 endpoint: letsencrypt/ letsencrypt. log and there it was, v1 was used:
$ sudo certbot run
...
In bionic, for some reason (debug level?) the acme url is not shown in the normal output, so I checked the log at /var/log/
2019-10-25 21:15:35, 657:DEBUG: urllib3. connectionpool: Starting new HTTPS connection (1): acme-v01. api.letsencrypt .org
Now let's update to the packages in proposed: 1~ubuntu18. 04.1 500 us.archive. ubuntu. com/ubuntu bionic- proposed/ universe amd64 Packages
*** 0.27.0-
500 http://
And run again:
$ sudo certbot run
(...)
This time the log shows v2 was used: 050:DEBUG: urllib3. connectionpool: Starting new HTTPS connection (1): acme-v02. api.letsencrypt .org
2019-10-25 21:22:33,
Testing fake renew also uses v02 and works:
$ sudo certbot --dry-run renew
(...)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed: letsencrypt/ live/certbot- test.justgohome .co.uk/ fullchain. pem (success)
/etc/
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
(...)
Revoking: t/live/ certbot- test.justgohome .co.uk/ fullchain. pem letsencrypt/ letsencrypt. log
$ sudo certbot revoke --cert-path /etc/letsencryp
Saving debug log to /var/log/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you like to delete the cert(s) you just revoked?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es (recommended)/(N)o: y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - test.justgohome .co.uk.
Deleted all files relating to certificate certbot-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - t/live/ certbot- test.justgohome .co.uk/ fullchain. pem
Congratulations! You have successfully revoked the certificate that was located
at /etc/letsencryp
Bionic verification succeeded.