LetsEncrypt + Cloudflare Certificate Renewal

I spent a lot of time today trying to renew an SSL certificate which used LetsEncrypt.

The command to renew an SSL certificate, as per the LetsEncrypt documentation, is simple.

certbot renew

Running this command, though, returned this error:

unexpected error: Failed authorization procedure. {{DOMAIN}} (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization

I tried a few other methods to renew the certificate, but they all failed.

The solution which worked:

1) service apache2 stop

2) certbot certonly --manual -d {{DOMAIN}} --preferred-challenges="dns"

3) Certbot will suggest a TXT record to add to DNS. Add the suggested TXT record in Cloudflare DNS and back on the server, press Enter to continue.

4) Certificate is renewed.

5) service apache2 start

Server: Ubuntu 16.04. Software: Apache
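
A check to run between steps 3 and 4, as an added example that is not part of the original post: it polls a public resolver until the TXT value certbot printed is actually visible, so Enter is pressed only once validation can succeed. `_acme-challenge` is the standard record name for the DNS challenge; the resolver 1.1.1.1, the function names and the retry settings are assumptions.

```shell
#!/bin/sh
# Added example: confirm the DNS challenge TXT record is publicly visible
# before pressing Enter in certbot's --manual prompt.

# Read `dig +short TXT` output on stdin (one quoted string per line) and
# succeed only if some record equals the expected token exactly.
txt_matches() {
    expected=$1
    tr -d '"\r' | grep -Fxq -- "$expected"
}

# Query one resolver for _acme-challenge.<domain>.
# $2 is the resolver; 1.1.1.1 is an assumed default.
lookup_txt() {
    dig +short TXT "_acme-challenge.$1" "@${2:-1.1.1.1}"
}

# Poll until the token is visible or the attempts run out.
# Usage: wait_for_txt DOMAIN TOKEN [TRIES] [DELAY_SECONDS]
wait_for_txt() {
    domain=$1
    token=$2
    tries=${3:-12}
    delay=${4:-10}
    i=1
    while [ "$i" -le "$tries" ]; do
        if lookup_txt "$domain" | txt_matches "$token"; then
            echo "TXT record visible; safe to press Enter in certbot"
            return 0
        fi
        echo "attempt $i/$tries: token not visible yet" >&2
        sleep "$delay"
        i=$((i + 1))
    done
    echo "gave up: check the record name and value in the DNS panel" >&2
    return 1
}

# Run only when called with arguments: ./check-txt.sh DOMAIN TOKEN
if [ "$#" -ge 2 ]; then
    wait_for_txt "$1" "$2"
fi
```

The exact-match comparison matters on renewals: a stale TXT value left over from an earlier attempt will not be mistaken for the new one.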

🎉

Sunil Shenoy @sunil