Ubuntu
python-letsencrypt-apache package

python-letsencrypt-apache issue

Asked by Francesco Mattu

Since January, this package doesn't work as in the past
In case of a new generation of a SSL certificate for a new domain:

sudo letsencrypt --apache -d newdomain.com -d www.newdomain.com

it fails because the preferred-challenges to obtain a new SSL are changed (TLS-SNI-01 is not available anymore for security reasons:
https://community.letsencrypt.org/t/renew-multiple-certs-fails-but-dry-run-works/53312/2
), and an error message upon a request is thrown:

"Client does not support any combination of challenges that will satisfy the CA".

This error is similar to the one described here for certbot:
https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983?source_topic_id=51300

Is there any chance to have soon available the updated package for letsencrypt or certbot upon update/upgrade on repos, which will allow to run smoothly a new request without reconfiguring everything on the server? When will it be available approx.?

Checking the repo, it seems that we are still behind on the stable Ubuntu version:
https://packages.ubuntu.com/search?suite=default&section=all&arch=any&keywords=letsencrypt&searchon=names

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu python-letsencrypt-apache Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#1

I suggest you report a bug. Mark it as a security issue

Can you help with this problem?

Provide an answer of your own, or ask Francesco Mattu for more information if necessary.

To post a message you must log in.