昨天收到來自 Let's Encrypt 的 mail
Hello,
**Action is required to prevent your Let's Encrypt certificate renewals from breaking.**
Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue a certificate in the past 60 days.
TLS-SNI-01 validation is reaching end-of-life and will stop working on **February 13th, 2019.**
You need to update your ACME client to use an alternative validation
method (HTTP-01, DNS-01 or TLS-ALPN-01) before this date or your
certificate renewals will break and existing certificates will start to
expire.
我是使用certbot來更新
原來的指令是
/usr/bin/certbot renew
預設就是使用 TLS-SNI-01
所以要把指令改成
/usr/bin/certbot --preferred-challenges http-01 renew
沒有留言:
張貼留言