I’m just now getting one of my webservers moved over from TLS1.0. When I manually run sudo certbot renew, all seems well.
So then I went and added this to crontab, but am getting a bunch of errors:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 542, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2569, in load_entry_point
return ep.load()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2229, in load
return self.resolve()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2235, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 10, in <module>
import josepy as jose
File "/usr/lib/python3/dist-packages/josepy/__init__.py", line 44, in <module>
from josepy.interfaces import JSONDeSerializable
File "/usr/lib/python3/dist-packages/josepy/interfaces.py", line 8, in <module>
from josepy import errors, util
File "/usr/lib/python3/dist-packages/josepy/util.py", line 4, in <module>
import OpenSSL
File "/usr/lib/python3/dist-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import crypto, SSL
File "/usr/lib/python3/dist-packages/OpenSSL/crypto.py", line 12, in <module>
from cryptography import x509
File "/usr/lib/python3/dist-packages/cryptography/x509/__init__.py", line 9, in <module>
from cryptography.x509.base import (
File "/usr/lib/python3/dist-packages/cryptography/x509/base.py", line 16, in <module>
from cryptography.x509.extensions import Extension, ExtensionType
File "/usr/lib/python3/dist-packages/cryptography/x509/extensions.py", line 18, in <module>
from cryptography.hazmat.primitives import constant_time, serialization
File "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/constant_time.py", line 9, in <module>
from cryptography.hazmat.bindings._constant_time import lib
ModuleNotFoundError: No module named '_cffi_backend'
I thought this might be an issue with the environment variables, but I put the certbot steps in a shell script and added a full path line before it, but got the same error.
I’m running certbot version 0.28.0 on Ubuntu, with Apache2.
I assume this might have something to do with my python versions, but I’m not really sure how to unwind that… Any advice? Thanks!