Failed to upgrade certbot on Ubuntu Bionic

apt server 18.04 nginx letsencrypt

Try with the following commands (replace -nginx with -apache if you need) to get the latest version of CertBot:

sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt update

If this is a new installation or it's not a problem to upgrade all packages on your system:

sudo apt install python-certbot python-certbot-nginx
sudo apt install python3-certbot python3-certbot-nginx 
sudo apt upgrade

If you do not want to upgrade all packages in your system, then you can use:

sudo apt install --only-upgrade python-certbot python-certbot-nginx
sudo apt install --only-upgrade python3-certbot python3-certbot-nginx

References:

  • https://certbot.eff.org/lets-encrypt/ubuntubionic-nginx
  • https://certbot.eff.org/lets-encrypt/ubuntubionic-apache
  • certbot version updgrade not implemented

Reasons to update - from Let's Encrypt newsletter:

TLS-SNI-01 validation is reaching end-of-life. It will stop working temporarily on February 13th, 2019, and permanently on March 13th, 2019. Any certificates issued before then will continue to work for 90 days after their issuance date.

You need to update your ACME client to use an alternative validation method (HTTP-01, DNS-01 or TLS-ALPN-01) before this date or your certificate renewals will break and existing certificates will start to expire.

Our staging environment already has TLS-SNI-01 disabled, so if you'd like to test whether your system will work after February 13, you can run against staging: https://letsencrypt.org/docs/staging-environment/

If you're a Certbot user, you can find more information here: https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210

Our forum has many threads on this topic. Please search to see if your question has been answered, then open a new thread if it has not: https://community.letsencrypt.org/

For more information about the TLS-SNI-01 end-of-life please see our API announcement: https://community.letsencrypt.org/t/february-13-2019-end-of-life-for-all-tls-sni-01-validation-support/74209

Related

How can I change an Atheros wireless NIC region (regulatory domain) in Ubuntu?
In Ubuntu ISO MBR, why does a GPT partition overlap the boot partition, and make MBR uneditable?
Ubuntu on Asus X205TA
UEFI boot in virtualbox - Ubuntu 12.04
What does this startup dialog message mean "Could not update ICEauthority file"
How to split 7.1 soundcard outputs to 4 stereo outs with ALSA
"Sorry, Ubuntu 12.04 has experienced an internal error."
How do you configure Netplan on Ubuntu to store 802.1x credentials securely?
Why can I not deselect "encrypt my home folder"?
Why is Ruby version 1.9.2 named ruby1.9.1?
Soundcard not detected by pulseaudio (but by alsa)
How to disable hibernation and fastboot from windows so dual boot works in Ubuntu 14.04