Your Let’s Encrypt client used ACME TLS-SNI-01 domain validation to issue


Are you seeing this message about your server ?

Action may be required to prevent your Let's Encrypt certificate renewals
from breaking.

If you already received a similar e-mail, this one contains updated
information.

Your Let's Encrypt client used ACME TLS-SNI-01 domain validation to issue
a certificate in the past 60 days

This is an issue caused by the certbot binary being out of date. We are seeing it on a few systems, and it seems there is an easy fix for it!

On Debian, normally: apt-get update ; apt-get install certbot python-certbot-apache -t stretch-backports

should do the trick.

(In the past for Debian Stretch you needed to backports to your sources.list, but this is no longer required. Also note on Stretch that there is an issue that affects –dry-run causing it to fail, but certificates will be issued OK. https://community.letsencrypt.org/t/problem-with-renew-certificates-the-request-message-was-malformed-method-not-allowed/107889/6, )

Anything else you will need to download the binary for as per https://certbot.eff.org/

If you get stuck doing any of this, pop in a support ticket and we can help out.