Facing issue for installing certbot

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://ukon-proc.casec.com/

I ran this command: sudo yum install -y certbot python2-certbot-apache

It produced this output:
sudo yum install -y certbot python2-certbot-apache
Loaded plugins: aliases, auto-update-debuginfo, changelog, dkms-build-requires, fastestmirror, filter-data, fs-snapshot, keys, list-data, local, merge-conf, ovl, post-
: transaction-actions, pre-transaction-actions, protectbase, ps, refresh-updatesd, remove-with-leaves, rpm-warm-cache, show-leaves, tmprepo, tsflags,
: update-motd, upgrade-helper, verify, versionlock
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 8.7 kB 00:00:00

  • epel: mirrors.nipa.cloud
    amzn-main | 2.1 kB 00:00:00
    amzn-updates | 3.8 kB 00:00:00
    Skipping filters plugin, no data
    0 packages excluded due to repository protections
    Resolving Dependencies
    Skipping filters plugin, no data
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-certbot = 1.11.0-2.el7 for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    ---> Package python2-certbot-apache.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: python2-acme >= 0.29.0 for package: python2-certbot-apache-1.11.0-1.el7.noarch
    --> Processing Dependency: python-augeas for package: python2-certbot-apache-1.11.0-1.el7.noarch
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    ---> Package python2-acme.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: pyOpenSSL >= 0.13.1 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-josepy >= 1.1.0 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-requests >= 2.6.0 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-cryptography for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-pyasn1 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-six for package: python2-acme-1.11.0-1.el7.noarch
    ---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography >= 1.2.3 for package: python2-certbot-1.11.0-2.el7.noarch
    ---> Package python2-certbot-apache.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: python-augeas for package: python2-certbot-apache-1.11.0-1.el7.noarch
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    ---> Package python2-acme.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: pyOpenSSL >= 0.13.1 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-cryptography for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-pyasn1 for package: python2-acme-1.11.0-1.el7.noarch
    ---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography >= 1.2.3 for package: python2-certbot-1.11.0-2.el7.noarch
    ---> Package python2-certbot-apache.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: python-augeas for package: python2-certbot-apache-1.11.0-1.el7.noarch
    ---> Package python2-josepy.noarch 0:1.3.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography for package: python2-josepy-1.3.0-2.el7.noarch
    --> Processing Dependency: python2-setuptools for package: python2-josepy-1.3.0-2.el7.noarch
    ---> Package python2-requests.noarch 0:2.6.0-0.el7 will be installed
    --> Processing Dependency: python-requests >= 2.6.0 for package: python2-requests-2.6.0-0.el7.noarch
    ---> Package python2-six.noarch 0:1.9.0-0.el7 will be installed
    --> Processing Dependency: python-six >= 1.9.0 for package: python2-six-1.9.0-0.el7.noarch
    --> Finished Dependency Resolution
    Error: Package: python2-requests-2.6.0-0.el7.noarch (epel)
    Requires: python-requests >= 2.6.0
    Installed: python26-requests-1.2.3-5.10.amzn1.noarch (@amzn-main)
    python-requests = 1.2.3-5.10.amzn1
    Error: Package: python2-acme-1.11.0-1.el7.noarch (epel)
    Requires: python2-pyasn1
    Error: Package: python2-acme-1.11.0-1.el7.noarch (epel)
    Requires: python2-cryptography
    Error: Package: certbot-1.11.0-2.el7.noarch (epel)
    Requires: systemd
    Error: Package: python2-six-1.9.0-0.el7.noarch (epel)
    Requires: python-six >= 1.9.0
    Installed: python26-six-1.8.0-1.23.amzn1.noarch (@amzn-main)
    python-six = 1.8.0-1.23.amzn1
    Error: Package: python2-josepy-1.3.0-2.el7.noarch (epel)
    Requires: python2-setuptools
    Error: Package: python2-certbot-apache-1.11.0-1.el7.noarch (epel)
    Requires: python-augeas
    Error: Package: python2-certbot-1.11.0-2.el7.noarch (epel)
    Requires: python2-cryptography >= 1.2.3
    Error: Package: python2-acme-1.11.0-1.el7.noarch (epel)
    Requires: pyOpenSSL >= 0.13.1
    Installed: python26-pyOpenSSL-0.10-2.8.amzn1.x86_64 (@amzn-main)
    pyOpenSSL = 0.10-2.8.amzn1
    Error: Package: python2-josepy-1.3.0-2.el7.noarch (epel)
    Requires: python2-cryptography
    You could try using --skip-broken to work around the problem
    You could try running: rpm -Va --nofiles --nodigest

My web server is (include version):Server version: Apache/2.4.33
The operating system my web server runs on is (include version): Amazon Linux AMI release 2018.03

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2

I don't think it's possible to install Certbot from EPEL on Amazon Linux 1, due to its age and the way its packaging works. It is possible on Amazon Linux 2 though.

If you have to use AL1, you could try the instructions to install Certbot via pip, with this alteration to the instructions:

  • Install these yum packages as dependencies: python36 python36-tools python36-pip augeas-libs

You also have the option to try a different ACME client option that might work on Amazon Linux 1.

5 Likes
3

Yeah, I think for out-of-support systems (well, Amazon Linux 1 has some support for the next year and a half) it's much easier to use something other than Certbot. The Client Options page that @_az linked to is (kinda weirdly) sorted by implementation language, so you probably want something from the "Bash" or "Go" sections since those tend to have the simplest installations (of just copy a file onto the server).

But you should probably be looking at moving to Amazon Linux 2 (though that also has support ending in a year-and-a-half) and the coming-soon Amazon Linux 2022.

4 Likes
4

I agree with @_az and @petercooperjr that a different client is better for AL1 (and 2).

With Amazon Linux 2 you can install Certbot from EPEL but it is version 1.11 so does not properly support the --preferred-chain option that is occasionally needed. A snap install is possible but requires an unofficial repo for snapd from snapcraft which omits Selinux package that AL2 does not support.

Peter's link to Amazon 2022 (thanks!) says Selinux will be supported so perhaps the snap install for Certbot will work more easily.

4 Likes
5

Hi
is there any alternate way to install certbot ??

[root@ukon-proc-login tmp]# yum install -y certbot --skip-broken
Loaded plugins: aliases, auto-update-debuginfo, changelog, dkms-build-requires, fastestmirror, filter-data, fs-snapshot, keys, list-data, local, merge-conf, ovl, post-
: transaction-actions, pre-transaction-actions, protectbase, ps, refresh-updatesd, remove-with-leaves, rpm-warm-cache, show-leaves, tmprepo, tsflags,
: update-motd, upgrade-helper, verify, versionlock
Loading mirror speeds from cached hostfile

  • epel: d2lzkl7pfhq30w.cloudfront.net
    amzn-main | 2.1 kB 00:00:00
    amzn-updates | 3.8 kB 00:00:00
    Skipping filters plugin, no data
    0 packages excluded due to repository protections
    Resolving Dependencies
    Skipping filters plugin, no data
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-certbot = 1.11.0-2.el7 for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    ---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-acme >= 1.8.0 for package: python2-certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: python2-cryptography >= 1.2.3 for package: python2-certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: python2-josepy >= 1.1.0 for package: python2-certbot-1.11.0-2.el7.noarch
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    ---> Package python2-acme.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: pyOpenSSL >= 0.13.1 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-requests >= 2.6.0 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-cryptography for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-pyasn1 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-six for package: python2-acme-1.11.0-1.el7.noarch
    ---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography >= 1.2.3 for package: python2-certbot-1.11.0-2.el7.noarch
    ---> Package python2-josepy.noarch 0:1.3.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography for package: python2-josepy-1.3.0-2.el7.noarch
    --> Processing Dependency: python2-setuptools for package: python2-josepy-1.3.0-2.el7.noarch
    --> Running transaction check
    ---> Package certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    --> Processing Dependency: systemd for package: certbot-1.11.0-2.el7.noarch
    ---> Package python2-acme.noarch 0:1.11.0-1.el7 will be installed
    --> Processing Dependency: pyOpenSSL >= 0.13.1 for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-cryptography for package: python2-acme-1.11.0-1.el7.noarch
    --> Processing Dependency: python2-pyasn1 for package: python2-acme-1.11.0-1.el7.noarch
    ---> Package python2-certbot.noarch 0:1.11.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography >= 1.2.3 for package: python2-certbot-1.11.0-2.el7.noarch
    ---> Package python2-josepy.noarch 0:1.3.0-2.el7 will be installed
    --> Processing Dependency: python2-cryptography for package: python2-josepy-1.3.0-2.el7.noarch
    --> Processing Dependency: python2-setuptools for package: python2-josepy-1.3.0-2.el7.noarch
    ---> Package python2-requests.noarch 0:2.6.0-0.el7 will be installed
    --> Processing Dependency: python-requests >= 2.6.0 for package: python2-requests-2.6.0-0.el7.noarch
    ---> Package python2-six.noarch 0:1.9.0-0.el7 will be installed
    --> Processing Dependency: python-six >= 1.9.0 for package: python2-six-1.9.0-0.el7.noarch

Packages skipped because of dependency problems:
certbot-1.11.0-2.el7.noarch from epel
python2-acme-1.11.0-1.el7.noarch from epel
python2-certbot-1.11.0-2.el7.noarch from epel
python2-josepy-1.3.0-2.el7.noarch from epel
python2-requests-2.6.0-0.el7.noarch from epel
python2-six-1.9.0-0.el7.noarch from epel

6

Yes. I linked you to the pip instructions, which you can try follow.

3 Likes
7

Thanks its work

8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.