Fail to run "sudo certbot --nginx" command

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

I was trying to apply ssl certifcate for my web from tutorial, however it output some error when I ran this commad: sudo certbot --nginx

My domain

I ran this command:
sudo certbot --nginx

It produced this output:

Authenticating with public key “imported-openssh-key”

$ sudo certbot --nginx
Traceback (most recent call last):
File “/usr/bin/certbot”, line 11, in
load_entry_point(‘certbot==0.31.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python3/dist-packages/pkg_resources/”, line 480, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File “/usr/lib/python3/dist-packages/pkg_resources/”, line 2693, in load_entry_point
return ep.load()
File “/usr/lib/python3/dist-packages/pkg_resources/”, line 2324, in load
return self.resolve()
File “/usr/lib/python3/dist-packages/pkg_resources/”, line 2330, in resolve
module = import(self.module_name, fromlist=[‘name’], level=0)
File “/usr/lib/python3/dist-packages/certbot/”, line 10, in
import josepy as jose
File “/usr/lib/python3/dist-packages/josepy/”, line 44, in
from josepy.interfaces import JSONDeSerializable
File “/usr/lib/python3/dist-packages/josepy/”, line 8, in
from josepy import errors, util
File “/usr/lib/python3/dist-packages/josepy/”, line 4, in
import OpenSSL
File “/home/ubuntu/.local/lib/python3.6/site-packages/OpenSSL/”, line 8, in
from OpenSSL import crypto, SSL
File “/home/ubuntu/.local/lib/python3.6/site-packages/OpenSSL/”, line 12, in
from cryptography import x509
File “/home/ubuntu/.local/lib/python3.6/site-packages/cryptography/x509/”, line 8, in
from cryptography.x509.base import (
File “/home/ubuntu/.local/lib/python3.6/site-packages/cryptography/x509/”, line 16, in
from cryptography.x509.extensions import Extension, ExtensionType
File “/home/ubuntu/.local/lib/python3.6/site-packages/cryptography/x509/”, line 18, in
from cryptography.hazmat.primitives import constant_time, serialization
File “/home/ubuntu/.local/lib/python3.6/site-packages/cryptography/hazmat/primitives/”, line 11, in
from cryptography.hazmat.bindings._constant_time import lib
ModuleNotFoundError: No module named ‘cryptography.hazmat.bindings._constant_time’

My web server is (include version):
Nginx 1.14.2

The operating system my web server runs on is (include version):
Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-1063-aws x86_64)

My hosting provider, if applicable, is: AWS EC2

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): I don’t know.

How did you install certbot?

Also, tell me what’s the output of
sudo apt update && apt list --upgradable | grep -E 'certbot|python'

And how did the Python cryptography and OpenSSL modules get installed in /home/ubuntu/.local?

I follow these commands to install cerbot.
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot python-certbot-nginx

Here is the output of
sudo apt update && apt list --upgradable | grep -E ‘certbot|python’:

Fetched 5633 kB in 3s (1656 kB/s)
Reading package lists… Done
Building dependency tree
Reading state information… Done
157 packages can be upgraded. Run ‘apt list --upgradable’ to see them.

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

libpython3-dev/bionic-updates 3.6.7-1~18.04 amd64 [upgradable from: 3.6.5-3ubuntu1]
libpython3-stdlib/bionic-updates 3.6.7-1~18.04 amd64 [upgradable from: 3.6.5-3ubuntu1]
libpython3.6/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]
libpython3.6-dev/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]
libpython3.6-minimal/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]
libpython3.6-stdlib/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]
python3/bionic-updates 3.6.7-1~18.04 amd64 [upgradable from: 3.6.5-3ubuntu1]
python3-apport/bionic-updates 2.20.9-0ubuntu7.13 all [upgradable from: 2.20.9-0ubuntu7.12]
python3-configobj/bionic 5.0.6-2+ubuntu18.04.1+certbot+1 all [upgradable from: 5.0.6-2]
python3-debconf/bionic-updates 1.5.66ubuntu1 all [upgradable from: 1.5.66]
python3-dev/bionic-updates 3.6.7-1~18.04 amd64 [upgradable from: 3.6.5-3ubuntu1]
python3-distupgrade/bionic-updates 1:18.04.37 all [upgradable from: 1:18.04.28]
python3-distutils/bionic-updates 3.6.9-1~18.04 all [upgradable from: 3.6.5-3]
python3-gdbm/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.5-3]
python3-gi/bionic-updates 3.26.1-2ubuntu1 amd64 [upgradable from: 3.26.1-2]
python3-httplib2/bionic-updates 0.9.2+dfsg-1ubuntu0.1 all [upgradable from: 0.9.2+dfsg-1]
python3-lib2to3/bionic-updates 3.6.9-1~18.04 all [upgradable from: 3.6.5-3]
python3-minimal/bionic-updates 3.6.7-1~18.04 amd64 [upgradable from: 3.6.5-3ubuntu1]
python3-problem-report/bionic-updates 2.20.9-0ubuntu7.13 all [upgradable from: 2.20.9-0ubuntu7.12]
python3-update-manager/bionic-updates 1: all [upgradable from: 1:]
python3-zope.interface/bionic 4.3.2-1+ubuntu18.04.1+certbot+1 amd64 [upgradable from: 4.3.2-1build2]
python3.6/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]
python3.6-dev/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]
python3.6-minimal/bionic-updates 3.6.9-1~18.04 amd64 [upgradable from: 3.6.8-1~18.04.3]

You should probably upgrade but doesn’t look like a problem.

Tell me the output of which -a certbot and sudo which -a certbot

in one of those, I guess, if they are installed via apt:

% python3
Python 3.8.2 (default, Mar 13 2020, 10:14:16) 
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import sys
>>> print (sys.path)
['', '/usr/lib/', '/usr/lib/python3.8', '/usr/lib/python3.8/lib-dynload', '/usr/local/lib/python3.8/dist-packages', '/usr/lib/python3/dist-packages']

It looks like you installed them via pip in your home directory…

(I am on a prerelease version of ubuntu 20.04, your paths and version numbers might be different.)

The output of which -a certbot and sudo which -a certbot is

The output of which -a certbot and sudo which -a certbot is

run sudo -i

and then certbot {whatever option you want}

then Ctrl+d

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.