Certbot shows import error

Not able to run the command itself, neither does the certificates are generating.

I ran this command: certbot --version

It produced this output:

2023-07-13 13:25:40,106:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1535, in main
plugins = plugins_disco.PluginsRegistry.find_all()
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 231, in find_all
plugin_ep = cls._load_entry_point(entry_point, plugins, with_prefix=False)
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 249, in _load_entry_point
plugin_ep = PluginEntryPoint(entry_point, with_prefix)
File "/usr/lib/python3/dist-packages/certbot/_internal/plugins/disco.py", line 54, in init
self.plugin_cls: Type[interfaces.Plugin] = entry_point.load()
File "/usr/lib/python3/dist-packages/pkg_resources/init.py", line 2465, in load
return self.resolve()
File "/usr/lib/python3/dist-packages/pkg_resources/init.py", line 2471, in resolve
module = import(self.module_name, fromlist=['name'], level=0)
File "/usr/local/lib/python3.10/dist-packages/certbot_django/coordinator/authenticator.py", line 2, in
from asymmetric_jwt_auth import create_auth_header, generate_key_pair
ImportError: cannot import name 'create_auth_header' from 'asymmetric_jwt_auth' (/usr/local/lib/python3.10/dist-packages/asymmetric_jwt_auth/init.py)
2023-07-13 13:25:40,106:ERROR:certbot._internal.log:An unexpected error occurred:
2023-07-13 13:25:40,107:ERROR:certbot._internal.log:ImportError: cannot import name 'create_auth_header' from 'asymmetric_jwt_auth' (/usr/local/lib/python3.10/dist-packages/asymmetric_jwt_auth/init.py)

My web server is (include version): nginx/django

The operating system my web server runs on is (include version): Ubuntu 22.04 x86_64

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): none

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): latest version, showing above error even for --version

The log you've shown shows Certbot 1.21.0 which is far from the latest release. It might be the latest version available for Ubuntu 22.04 using their own package manager, but that's a different story. Certbot advises to use "snap" to install Certbot nowadays, see Certbot Instructions | Certbot (it says Ubuntu 20, but can also be used for 22).

Now, with regard to your issue: it seems you've installed the third-party plugin certbot-django using pip. It's also that third-party plugin that generates the error with regard to the asymmetric-jwt-auth package and not Certbot itself. Certbot doesn't rely on that package.

So it's probably a better idea to make an issue at the certbot-django plugins support channel. Although I must say installing packages using pip globally can easily lead to misconfigured versions. So it might also help to update all pip packages?

Looking at the plugin and jwt package a little bit further, it seems the django plugin relies on version 0.4.1 or later of the jwt library, but in version 1.0.0 the entire asymmetric_jwt_auth package was refactored, back in 2021:

And with that refactoring the create_auth_header function wasn't available any longer globally.

The django plugin however hasn't been updated (content-related) for 5 years now. So personally I'd consider the certbot-django plugin DEAD and I would advice against using it. (Although weirdly enough the person committing the most recent commits is still quite active on Github: crgwbr (Craig Weber) · GitHub. Therefore I opened an issue on Github: Plugin fails with recent versions of asymmetric-jwt-auth · Issue #2 · thelabnyc/certbot-django · GitHub)


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.