We upgraded from certbot 1.3.0 to the latest, mainly by uninstalling it and then reinstalling using the pip method (Python 3.5, debian 9).
Since then certbot does not start anymore, can't even display the help. An example of the command result:
# /usr/local/bin/certbot --help all
/opt/certbot/lib/python3.5/site-packages/OpenSSL/crypto.py:14: CryptographyDeprecationWarning: Python 3.5 support will be dropped in the next release of cryptography. Please upgrade your Python.
from cryptography import utils, x509
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 7, in <module>
from certbot.main import main
File "/opt/certbot/lib/python3.5/site-packages/certbot/main.py", line 2, in <module>
from certbot._internal import main as internal_main
File "/opt/certbot/lib/python3.5/site-packages/certbot/_internal/main.py", line 16, in <module>
from certbot import crypto_util
File "/opt/certbot/lib/python3.5/site-packages/certbot/crypto_util.py", line 30, in <module>
from certbot import util
File "/opt/certbot/lib/python3.5/site-packages/certbot/util.py", line 17, in <module>
import configargparse
File "/opt/certbot/lib/python3.5/site-packages/configargparse.py", line 406
raise ValueError(f"Error trying to unquote the quoted string: {text}: {e}") from e
^
SyntaxError: invalid syntax
Do you have any idea of what could cause this?
We use it for a wildcard certificate using dns challenge with OVH as DNS registrar.
We upgraded because they changed their API like explained in this certbot isssue, so we can't really downgrade back to 1.3.0.
Thanks for the hints, I will try to update our Python to 3.8.
Update of the server was planned later this year but if we can't upgrade Python, I can change our plans.
I suggest installing Snap/Snapd on your platform and using that to install Certbot and a more modern Python version.
While it is possible to handle this by installing a new Python on your server alongside the existing Python - that can be complex to do correctly for most users. Many people also overwrite the system Python, which ends up breaking many things on the server.
The snap system should let you cleanly have a secondary Python that is only used by Certbot/Snap and doesn't interfere with your linux distribution.
Probably not, I was just genuinly asking, as packages.debian.org doesn't support stretch any longer. I didn't say I made a good effort of searching the rest of the internet
Before posting the above comment, I had searched online found Debian docs that indicated a package was available:
stretch has been removed to the archive though, so I am not sure how accessible any of these packages are. Building snapd from source is an option.
Updating to a modern, supported, Operating System is the best option. Utilizing snapd is the best quick-fix IMHO, as that will let Certbot/Python be isolated from the main system.
There is a convoluted process to update a local system to utilize the archives instead of the currently supported versions. Debian and Ubuntu typically make it hard to use archived material so people are incentivized to upgrade - but they rarely wipe something into oblivion and will keep the data around somewhere for those that need it.
I can't find it, as 