Why does certbot suddenly fall back to http-01 challenge instead of tls-sni-01 (https)?

ubuntu iptables lets-encrypt certbot ubuntu-16.04

It could be due to the recent vulnerability announced with the tls-sni-01 verification method, Let’s Encrypt disabled this until it’s been fixed patched.

Until then, they have advised using http for verification.

Lets Encrypt tls-sni-01 bug details

Related

How to merge variables of type hash across different variable files in ansible?
Use of default SSL cert/key on MySQL 5.7?
OpenVPN HA Setup on AWS
VirtualBox and Windows 10: can't connect to a server hosted on VirtualBox
Kubernetes: relation between Service IP's and pod IP's
2 node cluster (active-passive) with Windows Server 2016
Is dhparam really required if only using ECDHE?
Local intranet zone sites opening in IE instead of Edge
Windows 10 Always On VPN, Split DNS, NRPT, and how to configure which DNS server is used?
python get-pip.py not working behind proxy
bind: loading from master file failed: file not found
Nginx variable in proxy pass does not work