Error pkg_resources.DistributionNotFound when trying generate valid certificate

Help
1

My domain is: guenoel.fr

I ran this command:

https://www.palabritudes.net/2018/03/11/certbot-challenge-dns-gandi-ovh.html

sudo /usr/bin/certbot certonly --manual \
                          --manual-public-ip-logging-ok \
                          --manual-auth-hook "/etc/letsencrypt/lexicon-ovh.sh create" \
                          --manual-cleanup-hook "/etc/letsencrypt/lexicon-ovh.sh delete" \
                          --preferred-challenges dns \
                          -d guenoel.fr \
                          -d www.guenoel.fr

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for guenoel.fr
dns-01 challenge for www.guenoel.fr
Hook command "/etc/letsencrypt/lexicon-ovh.sh create" returned error code 255
Error output from lexicon-ovh.sh:
Traceback (most recent call last):
  File "/usr/local/bin/lexicon", line 6, in <module>
    from pkg_resources import load_entry_point
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3019, in <module>
    @_call_aside
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3003, in _call_aside
    f(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3032, in _initialize_master_working_set
    working_set = WorkingSet._build_master()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 655, in _build_master
    ws.require(__requires__)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 963, in require
    needed = self.resolve(parse_requirements(requirements))
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 849, in resolve
    raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'requests-file>=1.4' distribution was not found and is required by tldextract

Hook command "/etc/letsencrypt/lexicon-ovh.sh create" returned error code 255
Error output from lexicon-ovh.sh:
Traceback (most recent call last):
  File "/usr/local/bin/lexicon", line 6, in <module>
    from pkg_resources import load_entry_point
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3019, in <module>
    @_call_aside
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3003, in _call_aside
    f(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3032, in _initialize_master_working_set
    working_set = WorkingSet._build_master()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 655, in _build_master
    ws.require(__requires__)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 963, in require
    needed = self.resolve(parse_requirements(requirements))
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 849, in resolve
    raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'requests-file>=1.4' distribution was not found and is required by tldextract

Waiting for verification...
Cleaning up challenges
Hook command "/etc/letsencrypt/lexicon-ovh.sh delete" returned error code 255
Error output from lexicon-ovh.sh:
Traceback (most recent call last):
  File "/usr/local/bin/lexicon", line 6, in <module>
    from pkg_resources import load_entry_point
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3019, in <module>
    @_call_aside
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3003, in _call_aside
    f(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3032, in _initialize_master_working_set
    working_set = WorkingSet._build_master()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 655, in _build_master
    ws.require(__requires__)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 963, in require
    needed = self.resolve(parse_requirements(requirements))
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 849, in resolve
    raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'requests-file>=1.4' distribution was not found and is required by tldextract

Hook command "/etc/letsencrypt/lexicon-ovh.sh delete" returned error code 255
Error output from lexicon-ovh.sh:
Traceback (most recent call last):
  File "/usr/local/bin/lexicon", line 6, in <module>
    from pkg_resources import load_entry_point
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3019, in <module>
    @_call_aside
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3003, in _call_aside
    f(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 3032, in _initialize_master_working_set
    working_set = WorkingSet._build_master()
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 655, in _build_master
    ws.require(__requires__)
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 963, in require
    needed = self.resolve(parse_requirements(requirements))
  File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 849, in resolve
    raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'requests-file>=1.4' distribution was not found and is required by tldextract

Failed authorization procedure. guenoel.fr (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.guenoel.fr, www.guenoel.fr (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.www.guenoel.fr

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: guenoel.fr
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.guenoel.fr

   Domain: www.guenoel.fr
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.www.guenoel.fr

My web server is (include version): VMware at home

The operating system my web server runs on is (include version): Debian (stretch)

My hosting provider, if applicable, is: OVH

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

2

Hi,

I believe certbot would only execute a script, without arguments, which means you need to create a file that only have one function…

Thank you

3

Certbot manual auth hooks can have arguments. :slight_smile:

I don't know how this should be fixed, though.

I note that the tutorial was using Python 3, but you're using Python 2.

4

Python3 installed !
but still not working:

root@debian:/etc/letsencrypt# /usr/bin/certbot certonly --manual --manual-public-ip-logging-ok --manual-auth-hook "/etc/letsencrypt/lexicon-ovh.sh create" --manual-cleanup-hook "/etc/letsencrypt/lexicon-ovh.sh delete" --preferred-challenges dns -d guenoel.fr -d www.guenoel.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for guenoel.fr
dns-01 challenge for www.guenoel.fr
Hook command "/etc/letsencrypt/lexicon-ovh.sh create" returned error code 255
Error output from lexicon-ovh.sh:
usage: lexicon ovh [-h] [--name NAME] [--content CONTENT] [--ttl TTL]
[--priority PRIORITY] [--identifier IDENTIFIER]
[--log_level {CRITICAL,ERROR,WARNING,INFO,DEBUG,NOTSET}]
[--output {TABLE,TABLE-NO-HEADER,JSON,QUIET}]
[--auth-entrypoint {ovh-eu,ovh-ca,soyoustart-eu,soyoustart-ca,kimsufi-eu,kimsufi-ca}]
[--auth-application-key AUTH_APPLICATION_KEY]
[--auth-application-secret AUTH_APPLICATION_SECRET]
[--auth-consumer-key AUTH_CONSUMER_KEY]
{create,list,update,delete} domain
{A,AAAA,CNAME,MX,NS,SOA,TXT,SRV,LOC}
lexicon ovh: error: argument --content: expected one argument

Waiting for verification...
Cleaning up challenges
Hook command "/etc/letsencrypt/lexicon-ovh.sh delete" returned error code 255
Error output from lexicon-ovh.sh:
usage: lexicon ovh [-h] [--name NAME] [--content CONTENT] [--ttl TTL]
[--priority PRIORITY] [--identifier IDENTIFIER]
[--log_level {CRITICAL,ERROR,WARNING,INFO,DEBUG,NOTSET}]
[--output {TABLE,TABLE-NO-HEADER,JSON,QUIET}]
[--auth-entrypoint {ovh-eu,ovh-ca,soyoustart-eu,soyoustart-ca,kimsufi-eu,kimsufi-ca}]
[--auth-application-key AUTH_APPLICATION_KEY]
[--auth-application-secret AUTH_APPLICATION_SECRET]
[--auth-consumer-key AUTH_CONSUMER_KEY]
{create,list,update,delete} domain
{A,AAAA,CNAME,MX,NS,SOA,TXT,SRV,LOC}
lexicon ovh: error: argument --content: expected one argument

An unexpected error occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 384, in _make_request
six.raise_from(e, None)
File "", line 3, in raise_from
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 380, in _make_request
httplib_response = conn.getresponse()
File "/usr/lib/python3.7/http/client.py", line 1321, in getresponse
response.begin()
File "/usr/lib/python3.7/http/client.py", line 296, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.7/http/client.py", line 257, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib/python3.7/socket.py", line 589, in readinto
return self._sock.recv_into(b)
File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 307, in recv_into
raise timeout('The read operation timed out')
socket.timeout: The read operation timed out

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 638, in urlopen
_stacktrace=sys.exc_info()[2])
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 367, in increment
raise six.reraise(type(error), error, _stacktrace)
File "/usr/lib/python3/dist-packages/six.py", line 693, in reraise
raise value
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
chunked=chunked)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 386, in _make_request
self._raise_timeout(err=e, url=url, timeout_value=read_timeout)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 306, in _raise_timeout
raise ReadTimeoutError(self, url, "Read timed out. (read timeout=%s)" % timeout_value)
urllib3.exceptions.ReadTimeoutError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Read timed out. (read timeout=45)

During handling of the above exception, another exception occurred:

requests.exceptions.ReadTimeout: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Read timed out. (read timeout=45)
Please see the logfiles in /var/log/letsencrypt for more details.
root@debian:/etc/letsencrypt#

5

It works ! But i have to enter subdomains one by one:

root@debian:/home/guenoel# /usr/bin/certbot certonly --manual --manual-public-ip-logging-ok --manual-auth-hook "/etc/letsencrypt/lexicon-ovh.sh create" --manual-cleanup-hook "/etc/letsencrypt/lexicon-ovh.sh delete" --preferred-challenges dns -d guenoel.fr
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for guenoel.fr
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/guenoel.fr/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/guenoel.fr/privkey.pem
    Your cert will expire on 2019-03-27. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot
    again. To non-interactively renew all of your certificates, run
    "certbot renew"

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
    Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.