Certbot has problem setting up the virtual environment

My domain is:
whoischelsea.com

I ran this command:
./certbot-auto certonly --webroot -w /opt/bitnami/apps/wordpress/htdocs/ -d whoischelsea.com -d www.whoischelsea.com

It produced this output:
Requesting to rerun ./certbot-auto with root privileges…
Bootstrapping dependencies for Debian-based OSes… (you can skip this with --no-bootstrap)
Hit:1 http://security.debian.org stretch/updates InRelease
Ign:2 http://deb.debian.org/debian stretch InRelease
Hit:3 http://deb.debian.org/debian stretch-updates InRelease
Hit:4 http://deb.debian.org/debian stretch-backports InRelease
Hit:5 http://deb.debian.org/debian stretch Release
Hit:6 http://packages.cloud.google.com/apt google-cloud-monitoring-stretch InRelease
Hit:7 http://packages.cloud.google.com/apt cloud-sdk-stretch InRelease
Hit:8 http://packages.cloud.google.com/apt google-compute-engine-stretch-stable InRelease
Hit:10 http://packages.cloud.google.com/apt google-cloud-packages-archive-keyring-stretch InRelease
Reading package lists… Done
Reading package lists… Done
Building dependency tree
Reading state information… Done
augeas-lenses is already the newest version (1.8.0-1+deb9u1).
libaugeas0 is already the newest version (1.8.0-1+deb9u1).
ca-certificates is already the newest version (20161130+nmu1+deb9u1).
gcc is already the newest version (4:6.3.0-4).
libffi-dev is already the newest version (3.2.1-6).
python is already the newest version (2.7.13-2).
python-dev is already the newest version (2.7.13-2).
python-virtualenv is already the newest version (15.1.0+ds-1).
virtualenv is already the newest version (15.1.0+ds-1).
libssl-dev is already the newest version (1.1.0j-1~deb9u1).
openssl is already the newest version (1.1.0j-1~deb9u1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Creating virtual environment…
Installing Python packages…
Had a problem while installing Python packages.

pip prints the following errors:

DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won’t be maintained after that date. A future version of pip will drop support for Python 2.7.
Collecting argparse==1.4.0 (from -r /tmp/tmp.FXU6br2nzO/letsencrypt-auto-requirements.txt (line 11))
Downloading https://files.pythonhosted.org/packages/f2/94/3af39d34be01a24a6e65433d19e107099374224905f1e0cc6bbe1fd22a2f/argparse-1.4.0-py2.py3-none-any.whl
Collecting pycparser==2.14 (from -r /tmp/tmp.FXU6br2nzO/letsencrypt-auto-requirements.txt (line 17))
Downloading https://files.pythonhosted.org/packages/ad/15/7f42f31ba068f837816647135a0704a8c89aad685df160407e92870c0277/certbot_nginx-0.30.0-py2.py3-none-any.whl (90kB)

Requirement already satisfied: setuptools>=1.0 in /opt/eff.org/certbot/venv/lib/python2.7/site-packages (from josepy==1.1.0->-r /tmp/tmp.FXU6br2nzO/letsencrypt-auto-requirements.txt (line 95)) (40.6.3)Exception:Traceback (most recent call last): File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/pip/_internal/cli/base_command.py”, line 176, in main status = self.run(options, args) File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/pip/_internal/commands/install.py”, line 346, in run session=session, autobuilding=True File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/pip/_internal/wheel.py”, line 848, in build assert building_is_possible

AssertionError

=====================================================

Certbot has problem setting up the virtual environment.

We were not be able to guess the right solution from your pip output.

What distro is this?

cat /etc/os-release
lsb_release -a
1 Like

PRETTY_NAME="Debian GNU/Linux 9 (stretch)"
NAME="Debian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="Debian -- User Support"
BUG_REPORT_URL="https://bugs.debian.org/"

No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 9.6 (stretch)
Release: 9.6
Codename: stretch

I’m having the same issue. I filed a bug here but it was closed without much explanation…

2 Likes

You are right. The bug should not have been closed.

I have reproduced the exact same failure on a completely fresh debian:stretch container.

3 Likes

I’m getting this on a renewal, never had a problem before.

NAME=“Ubuntu”
VERSION=“18.04.1 LTS (Bionic Beaver)”
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME=“Ubuntu 18.04.1 LTS”
VERSION_ID=“18.04”

Same problem here. I’ve tried a renewal and a fresh instance, both throwing the same error as OP:

NAME=“Amazon Linux AMI”
VERSION=“2018.03”
ID=“amzn”
ID_LIKE=“rhel fedora”
VERSION_ID=“2018.03”
PRETTY_NAME=“Amazon Linux AMI 2018.03”

This is a problem in pip. You can fix this for now by adding the --no-download flag to the calls to virtualenv on lines 1001 and 1003:

diff --git a/certbot-auto b/certbot-auto
index be2c367..2c0f64a 100755
--- a/certbot-auto
+++ b/certbot-auto
@@ -998,9 +998,9 @@ if [ "$1" = "--le-auto-phase2" ]; then
     rm -rf "$VENV_PATH"
     if [ "$PYVER" -le 27 ]; then
       if [ "$VERBOSE" = 1 ]; then
-        virtualenv --no-site-packages --python "$LE_PYTHON" "$VENV_PATH"
+        virtualenv --no-site-packages --no-download --python "$LE_PYTHON" "$VENV_PATH"
       else
-        virtualenv --no-site-packages --python "$LE_PYTHON" "$VENV_PATH" > /dev/null
+        virtualenv --no-site-packages --no-download --python "$LE_PYTHON" "$VENV_PATH" > /dev/null
       fi
     else
       if [ "$VERBOSE" = 1 ]; then
4 Likes

For those not familiar with how to apply diffs/patches, this one liner may be used to do the same thing (replace /path/to/certbot-auto with the path to your real certbot-auto file):

sed -i 's/virtualenv --no-site-packages/virtualenv --no-download --no-site-packages/' /path/to/certbot-auto
5 Likes

This worked for me. :white_check_mark::cat2::tornado:

1 Like

Thank you very much, this worked for me as well! Appreciate the prompt attention to the issue and providing a workaround.

1 Like

This worked for me as well. Thank you for the workaround!

1 Like

I'm afraid this workaround does not work for a fresh install if you are trying to use the tool for the first time.

A new version of pip fixing this issue was released an hour or two ago.

1 Like

That’s wonderful to hear. Can anyone point me in the right direction to download and install it?

Thanks!

Running certbot-auto again should automatically use it.

Thanks. I tried running it again (in my case letsencrypt-auto) on a fresh Ubuntu 16.04.5 LTS install on aws and I’m afraid the error is still the same.

1 Like

Probably a newb question, but how long should this change remain? Will it automatically be handled in the next update? thanks.

1 Like

Thanks ! I had the same issue as @melee1313 and this fixed it.

As a side note, in my system the file you mention is called “/opt/letsencrypt/letsencrypt-auto” and not “/opt/letsencrypt/certbot-auto”

1 Like

Thank You!!! This worked like a charm

1 Like