Related

how to enable HTTP/2 after installing SSL via letsencrypt in command line Question Question
Webmin - Lets' encrypt SSL_ERROR_RX_RECORD_TOO_LONG (Firefox) Question Question

Question

How can I renew my Let's Encrypt Certificate?

Posted December 2, 2019 5.8k views
Let's Encrypt

Hi there,
I’m trying to renew my Let’s Encrypt certificate but the server returns this: “Client with the currently selected authenticator does not Support any combination of challenges that will Satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS”.

I tried three different commands that I found at digitalocean community:

  1. sudo certbot –apache -d xplendid.place -d *.xplendid.place
  2. sudo certbot certonly –standalone –preferred-challenges http -d xplendid.place -d *.xplendid.place
  3. sudo certbot certonly –standalone –preferred-challenges tls-sni -d xplendid.place -d *.xplendid.place

Server System: Linux Xplendid 4.15.0-62-generic #69-ubuntu SMP Wed Sep 4 20:55:53 UTC 2019 x86 64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic

I’m a new user and I’m not an experient one.
Could you help me sending instructions on how to fix this issue?

Thank you in advance.

Estanislao

Add a comment
estanis
By:
estanis

Related

how to enable HTTP/2 after installing SSL via letsencrypt in command line Question Question
Webmin - Lets' encrypt SSL_ERROR_RX_RECORD_TOO_LONG (Firefox) Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
3 answers
bobbyiliev December 3, 2019

Hello,

In order to renew a wildcard certificate, you need to use the following command:

certbot certonly --manual --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory -d "*.example.com" -d example.com

After that you would be asked to add a TXT DNS record for your domain name. This is how your domain name would be verified.

Once you add your TXT record just press Enter and your certificate should get renewed.

Hope that this helps!
Regards,
Bobby

Reply Report
estanis December 3, 2019

Hi, bobbyiliev,
Thanks for your help.
I used the command you sent in your answer and the certificate was generated without problems after I deployed the DNS TXT I received a message informing me that the certificate and chain has been saved.
But the browser still informing that the website is not secure.
How can I fix this? What else do I have to do to fix this issue?
Regards,
Estanislao

Reply Report
estanis December 3, 2019

Hi, bobbyiliev,
It works!
I restarted the apache and now the website is working properly.

Thank you very much!

Regards,
Estanislao

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help