Letsencrypt renewal getting - remote error: tls: handshake failure

nginx ssl lets-encrypt

I had Cloudflare running on the site, once I paused it I could renew the certs.


Consider specifying the http-01 method. For example,

sudo certbot renew --preferred-challenges http-01

The http-01 challenge works by generating a file at a specific web-accessible location under the domain under consideration. The challenge relies on HTTP (port 80) rather than HTTPS (e.g., the tls-sni-01 challenge method). Avoiding reliance on TLS can be a step forward in addressing the error you encounter.

The --preferred-challenges, perhaps self-evidently, cues certbot, for plugins which can handle more than one challenge method.

Related

Availability at risk due to one offline Domain Name Server?
How to block all traffic between two interfaces?
How to get the secondary private IP address of an Amazon EC2 instance
Locked out of DC and domain admin accounts via GPO
How do I run a command from a base64 encoded string in bash?
Enable cross origin for subdomain
Is there a way to automatically add network interfaces to systemd-networkd and/or netplan?
How to use ssh hostkey from a Linux server with plink.exe on a Windows host?
Can I create AWS Keys for each user that expire every 2 weeks?
Mixing 3.5 hdd and 2.5 hdd in LSI RAID 1
My static ips are inaccessible only from CenturyLink users across all ports
install libssl-dev on Ubuntu 20.04.1 (upgrade from 18.04.1) reports unmet dependecies with 1.1.1g-1+ubuntu18.04.1+deb.sury.org+1