Let’s Encrypt is revoking all certificates created before January 26, 2022 through the ALPN challenge type, starting on January 28th.
Developers using the Micronaut Acme module may need to take manual action in order to renew their certificates in time.
Certificates signed after January 26th using the ALPN challenge, including new certificates, are not affected. You do not need to change your challenge type.
Am I affected?
Micronaut applications are affected if both of the following apply:
- They use the
micronaut-acmemodule to create their certificates
- They use the ALPN challenge type, as configured by the
acme.challenge-type: tlsconfiguration property
If your application meets both of those conditions, you need to force renewal of your certificates.
How can I renew my certificates?
To renew the application certificates, you need to first delete the old certificates. Navigate to the location configured in
acme.cert-location and rename the
domain.crt file. You can also delete the file entirely, but renaming it gives you a backup in case anything goes wrong.
Micronaut Acme will request a new certificate when it detects the old one is missing. You can either wait until this is checked automatically (every 24 hours by default) or trigger the check manually by restarting your application. When the new certificate has been loaded, a new
domain.crt file will appear.
Should you have any problems with this process, you can get help on gitter.