I need help setting up the CertBot for LetsEncrypt
I am running on CentOS 7 with Python 2.7
When I run certbot I get the following error:
[root@li86-193 frappe-bench]#certbot certonly --manual
Traceback (most recent call last):
File "/usr/bin/certbot", line 7, in <module>
from certbot.main import main
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 21, in <module>
from certbot import client
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 10, in <module>
from acme import client as acme_client
File "/usr/lib/python2.7/site-packages/acme/client.py", line 31, in <module>
requests.packages.urllib3.contrib.pyopenssl.inject_into_urllib3()
File "/usr/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py", line 112, in inject_into_urllib3
_validate_dependencies_met()
File "/usr/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py", line 147, in _validate_dependencies_met
raise ImportError("'pyOpenSSL' module missing required functionality. "
ImportError: 'pyOpenSSL' module missing required functionality. Try upgrading to v0.14 or newer.
[root@li86-193 frappe-bench]# pip show certbot
Name: certbot
Version: 0.11.1
Summary: ACME client
Home-page: https://github.com/letsencrypt/letsencrypt
Author: Certbot Project
Author-email: [email protected]
License: Apache License 2.0
Location: /usr/lib/python2.7/site-packages
Requires: ConfigArgParse, configobj, zope.component, pytz, setuptools, cryptography, zope.interface, pyrfc3339, mock, parsedatetime, six, acme, PyOpenSSL
[root@li86-193 frappe-bench]# pip show pyopenssl
Name: pyOpenSSL
Version: 16.2.0
Summary: Python wrapper module around the OpenSSL library
Home-page: https://pyopenssl.readthedocs.io/
Author: Hynek Schlawack
Author-email: [email protected]
License: Apache License, Version 2.0
Location: /usr/lib/python2.7/site-packages
Requires: six, cryptography
Please help out
Thank you
Don't try to install certbot manually on CentOS/RHEL systems. It just makes a huge mess. Instead, install it from EPEL.
I experienced this same issue twice on 2 separate Centos7 systems in the last 2 months. This is what worked for me:
After completing these steps I was able to successfully renew my certificates with certbot.
I'm running into the same issue. Using python venv I was able to get certbot working using pip.
Steps: Install virtualenv
Create a virtualenv
Activate the
certbotvirtualenvYour prompt might turn into something like this
(certbot) [root@hostname ~]#Then pip install certbot
Once complete you can test
certbotcommand under thecertbotvirtualenv, but this is not practical if you are going to use cron to setup certbot renewals. So deactivate the virtual environment,Now run the certbot command from
The correct fix is:
Thanks to cnritng frim github.
This seems to be working for me.
Grab a rpm from here: http://rpm.pbone.net/index.php3/stat/4/idpl/31446026/dir/centos_7/com/pyOpenSSL-0.15.1-1.el7.noarch.rpm.html
Do not mix
yuminstalled packages viapipones. The proper fix involves removing pip packages and install everything fromyum. I have outlined it here.You do not need newer pyOpenSSL on CentOS 7 to run certbot!
I had the same problem in 0.9.3. It was caused by installing the nginx plugin.
You can easily reproduce a working installation:
docker run -it --rm centos:centos7 bash yum -y install epel-release yum -y install certbot certbot -h
just made it work by running
it removed the 0.13 version and installed the 0.14, then certbot just worked normally.
It seems that the version of the epel source is too old, you can remove the certbot of the yum version and pip install it
Instead certbot, the letsencrypt client solved for me the problem.
You can remove the other client(s)
And then install letsencrypt: