I got an email from Let’s Encrypt saying that I am using an old protocol to update my certificates:
According to our records, the software client you’re using to get Let’s Encrypt TLS/SSL certificates issued or renewed at least one HTTPS certificate in the past two weeks using the ACMEv1 protocol. Here are the details of one recent ACMEv1 request from each of your account(s):
Looking on my server, I found that I have version 0.23.0 installed:
$ certbot --version
certbot 0.23.0
When I checked to see if it was upgradeable, I did find certbot in the list:
$ sudo apt list --upgradeable
...
certbot/bionic-updates,bionic-updates,bionic-updates,bionic-updates 0.27.0-1~ubuntu18.04.1 all [upgradable from: 0.23.0-1]
...
python3-acme/bionic-updates,bionic-updates,bionic-updates,bionic-updates 0.31.0-2~ubuntu18.04.1 all [upgradable from: 0.22.2-1ubuntu0.1]
python3-certbot/bionic-updates,bionic-updates,bionic-updates,bionic-updates 0.27.0-1~ubuntu18.04.1 all [upgradable from: 0.23.0-1]
p
So, I updated it with the apt command:
$ sudo apt dist-upgrade
After it ran to completion, the version was 0.27.0:
$ certbot --version
certbot 0.27.0
I tried to verify with this command:
$ sudo certbot renew --dry-run