Certbot upgrade to support ACMEv2

Help
21

Did you get any change in:
dpkg -l python3-acme

1 Like
22

Nope..Unfortunately..
ii python3-acme 0.28.0-1~deb9u1 all ACME protocol library for Python 3
root@instance-1:~

23

Try:

1 Like
24

It sounds like you don’t have stretch-updates enabled.

/etc/apt/sources.list should usually include:

deb http://deb.debian.org/debian stretch-updates main
2 Likes
25

For Information, GCE instance is using these sources.

Will all GCE users be required to update? This is an older instance, so not sure what a new one looks like.

root@instance-1:~# grep ^[^#] /etc/apt/sources.list /etc/apt/sources.list.d/*
/etc/apt/sources.list:deb http://http.debian.net/debian stretch main
/etc/apt/sources.list:deb-src http://http.debian.net/debian stretch main
/etc/apt/sources.list:deb http://security.debian.org/ stretch/updates main
/etc/apt/sources.list:deb-src http://security.debian.org/ stretch/updates main
/etc/apt/sources.list:deb http://ftp.debian.org/debian stretch-backports main
/etc/apt/sources.list.d/google-cloud.list:deb http://packages.cloud.google.com/apt google-compute-engine-stretch-stable main
/etc/apt/sources.list.d/google-cloud.list:deb http://packages.cloud.google.com/apt google-cloud-packages-archive-keyring-stretch main
root@instance-1:~#

26

You are indeed missing stretch-updates.

stretch/updates from Debian Security is not the same.

1 Like
27

OH NO! Your Stretch Armstrong doesn’t stretch - LOL

Just add “stretchiness” …
What is shown in?:
/etc/apt/sources.list

1 Like
28

What happened here? :frowning:

root@instance-1:~# cat /etc/apt/sources.list
-# deb http://gce_debian_mirror.storage.googleapis.com/ stretch main
-# deb-src http://gce_debian_mirror.storage.googleapis.com/ stretch main
deb http://http.debian.net/debian stretch main
deb-src http://http.debian.net/debian stretch main
deb http://security.debian.org/ stretch/updates main
deb-src http://security.debian.org/ stretch/updates main
deb http://ftp.debian.org/debian stretch-backports main
root@instance-1:~#

29

Try adding the entry from my earlier post?

1 Like
30

ii python3-acme 0.28.0-1~deb9u2

no renewal failures :slight_smile:

Curious:
So was I mis-configured from a GCE instance norm?.
Or, Will anyone using a GCE instance have this issue or was it just me this time?

1 Like
31

Most likely (in time).
[I don't think stretch updates nor backports are added as any default.]

1 Like
32

Well this started for me with the email advising of the move to ACMEv2 and upgrading what had been working fine. So if it is an issue that will show up with standard aws or gce instances, it could be a real headache. I will check some of my other sites further in the next day or so… Thanks for your expert assistance!!

33

For now. Let's Encrypt is phasing it out. At this current point in time, it is disabled in the staging environment but remains enabled in the production environment. It will be disabled there too in time.

1 Like
34

Thank You for all the help! The dry-run is working on this instance, I will check some others in the AM.

1 Like
35

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.