Menu
I am on AWS Ec2 Amazon Linux and trying to use Let's Encrypt. When I first installed Let's Encrypt couple month back I did not have any issues renewing the certificates. But now I receive this error and not able to renew.
# ./certbot-auto --debug
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
from certbot.main import main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 7, in <module>
import zope.component
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/component/__init__.py", line 16, in <module>
from zope.interface import Interface
ImportError: No module named interface
I have tried unset PYTHON_INSTALL_LAYOUT and upgrading pip,virtualenv. No luck.
It seems to be simialr to this issue Letsencrypt ImportError: No module named interface on amazon linux while renewing But dirctory is different. Not sure I want to rm the /opt/eff.org/certbot/venv/bin/letsencrypt
710
Why shouldn't you use Let's Encrypt? The biggest issue is that, although Let's Encrypt provides the modern standard of website encryption, it doesn't offer Extended Domain Validation (the green bar beside the URL, displaying the company name next to the padlock).
If you want to use http validation, inbound port 80 and a working webserver is required. If that webserver redirects to https, then inbound https is required. If you use dns validation, no incoming port 80 / 443 is required.
Having a certificate that expires after 90 days will reduce the chances of someone exploiting any vulnerabilities that may occur. The second reason Let's Encrypt expires after such a short time is to minimize the impact of mis-issued certificates.
Current Let's Encrypt status is up.
I was able to fix this problem with:
sudo rm -rf /root/.local/share/letsencrypt/
sudo rm -rf /opt/eff.org/certbot/
Then rerun certbot-auto in user mode (ec2-user).
./certbot-auto renew -v --debug
I hit exactly this issue just now with Amazon Linux. The fix that worked for me is detailed on the certbot GitHub issue
I had the same issue from what appears to be a bad install of certbot. I fixed it by running the following:
unset PYTHON_INSTALL_LAYOUT /root/.local/share/letsencrypt/bin/pip install --upgrade certbot
I did not have pip installed separately on the server, it was only available as part of the certbot install, so this was the only way I could use pip to upgrade the installation properly.
19
If you have pip installed on your EC2 instance as I do, you can simply do this:
rm -rf /opt/eff.org/*
pip install -U certbot
certbot renew --debug
Downloading certbot-auto via wget has always caused problems for me, so the above method is preferred.
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
