Laravel Forge - LetsEncrypt Certificates Failing to Renew
When LetsEncrypt arrived a few years ago, it definitely had one of largest
impacts on the web in living memory. Suddenly everyone could have SSL for their
website with minimal effort.
Over time, the way that systems like LetsEncrypt have to change the way they
work for operational and security reasons. One of these recent changes means
that your existing issued certificates may cease to renew. The reason for this
is because the TLS-SNI-01 challenge has been revoked.
You can see plenty of posts around the web discussing the change and the fix isn’t too painful to implement.
For Laravel Forge and other Ubuntu 16 compatible systems, you can run the
following commands to upgrade your version of certbot and get back to issuing
your certificates:
sudo apt-get update
apt-get install software-properties-common
add-apt-repository universe
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install certbot python3-certbot-nginx
Then run certbot
and it’ll prompt you with a list of your sites to update:
From there you’ll be able to issue certificates as normal and auto-renewals
should succeed.