Certbot-auto works well, bun in cron failed


#1

I have CentOS 6.6, nginx, certbot-auto
I have installed certificats for my domain well.
Command in console certbot-auto renew work well and gives output
/root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/init.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/smsotziv.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/smsotziv.com/fullchain.pem (skipped)
No renewals were attempted.

I set statement in /var/spool/cron/root
38 * * * * PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin";/home/domains/certbot-auto renew --no-self-upgrade > /home/domains/cert.log
But in /home/domains/cert.log I see
Bootstrapping dependencies for RedHat-based OSes…
yum is /usr/bin/yum
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.supportex.net
* epel: mirror.nl.leaseweb.net
* extras: mirror.nl.leaseweb.net
* rpmforge: mirror.nl.leaseweb.net
* updates: mirror.widexs.nl
* webtatic: uk.repo.webtatic.com
Package gcc-4.4.7-17.el6.x86_64 already installed and latest version
Package augeas-libs-1.0.0-10.el6.x86_64 already installed and latest version
Package openssl-1.0.1e-48.el6_8.3.x86_64 already installed and latest version
Package openssl-devel-1.0.1e-48.el6_8.3.x86_64 already installed and latest version
Package libffi-devel-3.0.5-3.2.el6.x86_64 already installed and latest version
Package redhat-rpm-config-9.0.3-51.el6.centos.noarch already installed and latest version
Package ca-certificates-2015.2.6-65.0.1.el6_7.noarch already installed and latest version
Package python-2.6.6-66.el6_8.x86_64 already installed and latest version
Package python-devel-2.6.6-66.el6_8.x86_64 already installed and latest version
Package python-virtualenv-1.10.1-1.el6.noarch already installed and latest version
Package python-tools-2.6.6-66.el6_8.x86_64 already installed and latest version
Package python-pip-7.1.0-1.el6.noarch already installed and latest version
Resolving Dependencies
–> Running transaction check
—> Package mod_ssl.x86_64 1:2.2.15-55.el6.centos.2 will be updated
—> Package mod_ssl.x86_64 1:2.2.15-56.el6.centos.3 will be an update
–> Processing Dependency: httpd = 2.2.15-56.el6.centos.3 for package: 1:mod_ssl-2.2.15-56.el6.centos.3.x86_64
–> Running transaction check
—> Package httpd.x86_64 0:2.2.15-55.el6.centos.2 will be updated
—> Package httpd.x86_64 0:2.2.15-56.el6.centos.3 will be an update
–> Processing Dependency: httpd-tools = 2.2.15-56.el6.centos.3 for package: httpd-2.2.15-56.el6.centos.3.x86_64
–> Running transaction check
—> Package httpd-tools.x86_64 0:2.2.15-55.el6.centos.2 will be updated
—> Package httpd-tools.x86_64 0:2.2.15-56.el6.centos.3 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch        Version                        Repository    Size
================================================================================
Updating:
 mod_ssl          x86_64      1:2.2.15-56.el6.centos.3       updates       97 k
Updating for dependencies:
 httpd            x86_64      2.2.15-56.el6.centos.3         updates      834 k
 httpd-tools      x86_64      2.2.15-56.el6.centos.3         updates       79 k

Transaction Summary
================================================================================
Upgrade       3 Package(s)

Total download size: 1.0 M
Is this ok [y/N]: Exiting on user Command
Could not install OS dependencies. Aborting bootstrap!

#2

When you use certbot-auto, it tries to do some local installs for the user running it. Since root has never run it directly, it tries to set things up but can’t because it’s non-interactive.

Have you tried to run the certbot-auto command as root directly?


#3

I have logged as root (by the command “su -” or “su”) and start certbot-auto, I have tried run command runuser -l root -c “/home/domains/certbot-auto”

But is did not help. From cron certbot is still trying reinstall.


#4

Command
[root]# runuser -l root -c "/home/domains/certbot-auto renew"

gives output

/root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
  DeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/p.next.ua.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/smsotziv.com.conf
-------------------------------------------------------------------------------
Cert not yet due for renewal

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/p.next.ua/fullchain.pem (skipped)
  /etc/letsencrypt/live/smsotziv.com/fullchain.pem (skipped)
No renewals were attempted.

But through cron it stiil trying to reinstall


#5

Olala.

Whatever I did, whetever I logged - certbot in cron wanted update itself, not certificates.

Then I set option “-n” and make certbot start in next minute.


/home/domains/certbot-auto renew -n > /home/domains/cert.log

Miracle!!! Certbot updates what it wanted and now he can check certificates.

So finally I have this command in my cron


27 10 * * tue /home/domains/certbot-auto renew -q -n --no-self-upgrade


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.