Broken dependencies for certbot on arm64 Jessie


#1

Hi all,

I can’t seem to install certbot from jessie-backports on a arm64 machine (Odroid C2 running Armbian to be precise) since dependencies are not met. Browing the repository, python-cryptography is stuck at 0.8 for arm64 while all other architectures feature 1.4.3.

apt tells me:

$ sudo apt-get install -t jessie-backports certbot
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 certbot : Depends: python-certbot (= 0.9.3-1~bpo8+1) but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

Is there any solution underway?

Best,
simon


#2

Clone it from git instead of installing from a repo

sudo git clone https://github.com/certbot/certbot /opt/certbot

This will clone certbot into a directory /opt/certbot including dependencies

Then you run all your certbot commands when you are in the /opt/certbot directory

Small write up here


#3

I will bring up this issue on a call with other developers to see if someone has thought about the non-Intel platform dependency versioning, but @MitchellK’s solution seems like a good plan for the short term.


#4

We have someone looking into this, but it may take quite a while to see results because it may require getting other people outside our project to do porting or packaging work to fix the dependencies.


#5

Great, thank you for your advice!

For now I’ll follow @MitchellK’s siggestion of fetching it from git (probably better using a tagged version than the default branch) but it’s great that you are looking into fixing the packages!

Best,
Simon


#6

Apparently Python support on arm64 has some problems in Debian right now that the Intel platforms don’t, but hopefully they’ll get ironed out.

We are looking into a possibility of someday replacing python-cryptography entirely because it’s a dependency that has apparently been tough to keep working, especially on slightly less-used platforms. A possibility is calling out to the openssl command line for underlying cryptographic operations.


#7

If certbot doesn’t work, I would suggest you try my acme.sh (https://acme.sh)

It’s a shell script based on openssl. it doesn’t rely on python at all.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.