I am running Ubuntu 18.04.1 on a Linode VPS and have been trying to upgrade certbot from 0.23 to 0.30 in order to deal with the TLS-SNI-01 validation end of life issue. (As near as I could tell, this was the best way to address this upcoming challenge to my SSL certificates.)
I have run every command I can find to update and upgrade certbot, and as near as I can tell they have all run successfully. Despite these efforts, however, every time I run certbot --version, the return says Iām still using certbot 0.23.0.
Iāve tried looking for help, but I canāt find other people with this particular problem. All my certificates are working fine right now, but it seems as though that will end as early as February 13 if I donāt find a solution.
I believe the certbot PPA is enabled, yes. I can certainly confirm that, though, if necessary.
I have followed all instructions for installing and upgrading from eef and other help articles, but I mostly remember apt-get update and apt-get upgrade. There were others in there last week, but I donāt remember them all.
When you follow the link you get these instructions:
" If the version is less than 0.28, you need to upgrade your Certbot. Visit https://certbot.eff.org/ and follow the instructions for your webserver and OS."
When you follow that link you get the commands to install Certbot. But they do not upgrade the version.
Perhaps another email should be sent with more clear instructions on how to upgrade an existing Certbot installation.
This is a good idea, I mentioned it to the Certbot devs. I don't think comparing apt update to apt upgrade is really the right thing - update fetches a newer list of available packages, while upgrade actually installs the newer packages. I think the underlying issue is this:
sudo apt-get install python-certbot-apache
If you already have python-certbot-apache installed, that command will upgrade python-certbot-apache, but it won't upgrade python-certbot. I think adding python-certbot to the list probably makes sense so that the instructions keep people up to date even if they've already got the software installed.
I think there's an additional factor -- when python-certbot-apache got replaced with a transitional dummy package for python3-certbot-apache, it stopped having a dependency on a specific version of any other packages, so I think (re)installing it makes apt less prone to upgrading anything else.
Interesting. Iām fairly confident that apt upgrade does exactly the same thing as apt-get upgrade. If you have documentation otherwise I would be interested to read it.
@gmarzloff, can you confirm whether the command that was not working for you was sudo apt-get upgrade? Could it have been sudo apt-get update?
@rg305: According to https://itsfoss.com/apt-vs-apt-get-difference/, both apt upgrade and apt-get upgrade have the functionality āUpgrades all upgradable packages.ā If youāre suggesting that one behaves differently, thatās a pretty significant claim ā Iād want to dig deeper before making that claim.
apt-get update didnāt work. Iām over 75% certain I tried apt-get upgrade which didnāt work either. When I ran apt upgrade, certbot --version showed 0.28. I wish I could be more precise on the method but I was trying a lot of different commands trying to find a solution.
No problem, I appreciate you adding the extra detail! FYI, apt-get update and apt update never install new software, they just download new lists of software. So Iām not surprised that update didnāt fix the issue. Both apt-get upgrade and apt upgrade should have fixed the issue; weāll keep an eye out for similar reports, in case there really is an issue with one of the upgrade variants.