Certbot-auto, letsencrypt-auto has insecure permissions

My domain is:

I ran this command:
sudo letsencrypt-auto renew

It produced this output:

./letsencrypt-auto has insecure permissions!
To learn how to fix them, visit Certbot-auto deployment best practices
Upgrading certbot-auto 0.34.1 to 0.34.2…
Replacing certbot-auto…
Creating virtual environment…
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 2363, in
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 719, in main
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 988, in create_environment
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 918, in install_wheel
call_subprocess(cmd, show_stdout=False, extra_env=env, stdin=SCRIPT)
File “/usr/lib/python3/dist-packages/virtualenv.py”, line 812, in call_subprocess
% (cmd_desc, proc.returncode))
OSError: Command /opt/eff.org/certbot/venv/bin/python2.7 - setuptools pkg_resources pip wheel failed with error code 1
Traceback (most recent call last):
File “”, line 27, in
File “”, line 19, in create_venv
File “/usr/lib/python2.7/subprocess.py”, line 541, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘virtualenv’, ‘–no-site-packages’, ‘–python’, ‘/usr/bin/python2.7’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 1

My web server is (include version):

The operating system my web server runs on is (include version):
Ububtu LTS 16.04

I can login to a root shell on my machine (yes or no, or I don’t know):
sudo works

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
assume 0.34.1, if you try to run certbot-auto you will get the error message

Additiional info:
It is a spring boot aplication so I think it is a standalone setup (?). I have not originally set up the application just been updating certificates, until now ut has been working just fine but this time it gives the error, any help would be highly appreciated :slight_smile:


Have you read the link presented in the error message itself? Certbot-auto deployment best practices

If so, what did you try from those best practices?

I think the insecure permissions is a red herring, the true error is the virtualenv failure.

Unfortunately I don’t know a good way to diagnose it without modifying the script itself to print the stderr of virtualenv (it instead just swallows it).

You could try wipe out /opt/eff.org/certbot, I guess.

thanks for the response.

As I said I have not set this up, jus been updating certs. As of this time it has been working without any problems …


I found this post -> https://medium.com/@jayn0rm/update-letsencrypt-with-certbot-e86736349d2e

Anyhow, thank you for the suggestion, it might be good path to follow, the instance is running on azure cloud


You were right, locales were not set and that caused the error.
export LC_ALL=“en_US.UTF-8”
export LC_CTYPE=“en_US.UTF-8”

after that it went through.

Side note, I had to modify the config file a bit since it had some settings that were outdated.
but after that it worked :slight_smile:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.