Upgrading Let's Encrypt Certbot to the latest version on Ubuntu
Last updated: March 10th 2021
In late 2020 Certbot stopped updating the Apt package version of Certbot for Ubuntu and switched entirely to packaging and distributing Certbot as a Snap package.
In this guide we show how you can easily and safely switch from the old APT package version of Certbot to the new Snap version of Certbot so you can keep renewing your certificates without problems.
Fortunately the procedure is totally safe and very easy to do, after which you can be sure Certbot is being kept up-to-date by Snap automatically, reducing the probability of issues with your Let's Encrypt Certificates.
Please note: We have created a script in the Webdock Dashboard which you can run on your Webdock server in order to complete this procedure below automatically. Find it in the Script Library in your Account.
Upgrading Let's Encrypt Certbot by going over to the Snap version
First, remove the old APT version of Certbot
sudo apt remove -y certbot python3-certbot-nginx python3-certbot-apache
Next, Install the Snap version of Certbot
sudo snap install --classic certbot
And finally, link in the Certbot binary so it can be run from anywhere
sudo ln -s /snap/bin/certbot /usr/bin/certbot
That's it! Now Certbot on your system is the latest version and running through Snap. It will keep itself updated from now on.
If you encounter any issues with the above, try upgrading your system as a whole with the regular apt commands:
sudo apt update sudo apt upgrade
After which, try re-running the above commands.
Webdock offers full Let's Encrypt support on all our stacks, and we enable and force HTTPS on your server as soon as it is created. This page details some of the caveats you might run into while working with Let's Encrypt and Certbot.
If you operate a web shop and gather payment information, you should be aware that the international security standard PCI DSS (Payment Card Industry Data Security Standard) requires you to use the newer versions of the TLS protocol (TLS 1.1 or TLS 1.2) no later than July 1st 2018, since TLS 1.0 is outdated and poses a security risk.