Error runnning Certbot Renew via Crontab

Certbot: 0.28
Server: Raspbian Stretch (Debian 9)

I have updated my certificates to wildcard. All seems to be working except running the renewal process via crontab. I’ve followed this guide and am using cloudflare api to authenicate.

https://amisafe.secops.in/letsencrypt-wildcard-ssl-certificate/

The issue I am having now is when auto renewal via cron.

* * * * * certbot renew

I receive this error.

File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1310, in main
plugins = plugins_disco.PluginsRegistry.find_all()
File "/usr/lib/python3/dist-packages/certbot/plugins/disco.py", line 206, in find_all
plugin_ep = PluginEntryPoint(entry_point)
File "/usr/lib/python3/dist-packages/certbot/plugins/disco.py", line 52, in __init__
self.plugin_cls = entry_point.load()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2290, in load
self.require(*args, **kwargs)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2307, in require
items = working_set.resolve(reqs, env, installer)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 854, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)

pkg_resources.VersionConflict: (certbot 0.28.0 (/usr/lib/python3/dist-packages),
Requirement.parse('certbot>=0.39.0'))
2019-12-09 00:00:17,903:ERROR:certbot.log:An unexpected error occurred:

However, if I run the renewal via cli, it runs fine. Just via crontab.

sudo certbot renew
1 Like

As strange as it may seem, it looks like you might have multiple versions of certbot.
Try:
find / -name certbot
and
which certbot

which certbot

/usr/local/bin/certbot

sudo find / -name certbot

/etc/logrotate.d/certbot
/etc/cron.d/certbot
/tmp/certbot
/tmp/certbot/certbot
/tmp/certbot/certbot/certbot
/root/.cache/Python-Eggs/certbot-1.0.0-py2.7.egg-tmp/certbot
/usr/bin/certbot
/usr/lib/python3/dist-packages/certbot
/usr/local/bin/certbot
/usr/share/doc/certbot
/home/ws1/.cache/Python-Eggs/certbot-1.0.0-py2.7.egg-tmp/certbot
/home/ws1/.cache/Python-Eggs/certbot-1.0.0-py3.5.egg-tmp/certbot

which letsencrypt

/usr/bin/letsencrypt

sudo find / -name letsencrypt

/etc/letsencrypt
/var/log/letsencrypt
/var/lib/letsencrypt
/usr/bin/letsencrypt
/usr/share/doc/letsencrypt
/mnt/www/letsencrypt
1 Like

Try:
/usr/bin/certbot --version
/usr/local/bin/certbot --version

1 Like

/usr/bin/certbot --version

An unexpected error occurred:
pkg_resources.VersionConflict: (certbot 0.28.0 (/usr/lib/python3/dist-packages), Requirement.parse('certbot>=0.39.0'))
Please see the logfile '/tmp/tmprrnvc53_' for more details.

/usr/local/bin/certbot --version

certbot 1.0.0
1 Like

So you do have two certbots…
I would delete:
/usr/bin/certbot

And also update the cronjob to something less monotonous.
This
* * * * * certbot renew
means it will run on every minute of every hour of every day (all year long).
I don’t know where you got that from but it is very unusual and extremely overburdening.

1 Like

If I delete this file
/usr/bin/certbot

where is certbot 0.28 located?

Or once I delete that file

 /usr/local/bin/certbot --version

Will show V. 0.28 ?

The cronjob sample above was my test. I usually have it set to renew once a week.

That is 0.28.0 and it is broken and outdated.

1 Like

I renamed the certbot file as suggested and I get this error. I also tried to rename the other file and got the same error. I only rename one and kept the other as is.

/bin/sh: 1: certbot: not found

The content of the two certbot files are as follows.

/usr/local/bin/certbot

#!/usr/bin/python2.7
# EASY-INSTALL-ENTRY-SCRIPT: 'certbot==1.0.0','console_scripts','certbot'
__requires__ = 'certbot==1.0.0'
import re
import sys
from pkg_resources import load_entry_point

if __name__ == '__main__':
    sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0])
    sys.exit(
        load_entry_point('certbot==1.0.0', 'console_scripts', 'certbot')()
    )

/usr/bin/certbot

#!/usr/bin/python3
# EASY-INSTALL-ENTRY-SCRIPT: 'certbot==0.28.0','console_scripts','certbot'
__requires__ = 'certbot==0.28.0'
import re
import sys
from pkg_resources import load_entry_point

if __name__ == '__main__':
    sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0])
    sys.exit(
        load_entry_point('certbot==0.28.0', 'console_scripts', 'certbot')()
    )

Update: I got it working.
For some reason, my eyes think Certbot==1.0.0 is smaller than Cert==0.28.0. I fiddle with the 2 files again and made both files identical using the Certbot=1.0.0 file. Ran the ‘certbot renew’ via cron and it works. I think both files are required and one of them was outdated or never was updated when I had to update Certbot a few months back.

1 Like

The only reason you are thinking this is because you don’t use a path in your call to certbot; so the O/S path is used (for that particular user).
Apparently the current user path and the root user path are different.
Try these and compare:
which certbot
sudo which certbot

Or just specify the exact path in the cronjob to the newer version and be done with the old one.

1 Like

@rg305
Thank you for the clarification. Both of these cmd, yield this path.
which certbot
sudo which certbot

/usr/bin/certbot

I have deleted the other path.

/usr/local/bin/certbot

Test and still good.

1 Like

I’m a bit confused…
The version of file /usr/bin/certbot was 0.28.0 not 1.0.0.
Is that still the case?
Did you overwrite /usr/bin/cerbot with /usr/local/bin/certbot ?

1 Like

The OS was using this file /usr/bin/certbot which had the older version. I overwrite it when I was testing which file the OS was using, then delete /usr/local/bin/certbot .

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.