Let’s Encrypt – “does not support any combination of challenges”

To remedy the error received when attempting to get a certificate: “Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.” you must follow these commands to update certbot to certbot-auto.

History: As of January 9th, 2018, Let’s Encrypt no longer supports the certbot installed due to potential issues of clients obtaining fake certificates. Read the Let’s Encrypt Offical Notice: >>

This has impacted all of our stacks that rely on the Ubuntu Let’s Encrypt distro packages, and we are posting this manual workaround until all of our stacks are updated.

From CLI:

wget https://dl.eff.org/certbot-auto

sudo mv ./certbot-auto /usr/bin/

sudo chmod 755 /usr/bin/certbot-auto

sudo chown root:root /usr/bin/certbot-auto


sudo certbot-auto --apache -d yourdomain.com

sudo certbot-auto --nginx -d yourdomain.com

Replace yourdomain with your domain or subdomain.

These commands update the certbot client to cerbot-auto, and at the same time allows you to request a new certificate. All the other pre- Let’s Encrypt procedures as outlined in our directions still apply.

For those with seeking High Availability e-commerce solutions, it may be in your best interest to purchase a certificate. Free certs are great for development and test environments.

Leave a Reply

Your email address will not be published. Required fields are marked *