Having an issue creating a cert

My domain is: riverside.rocks

I ran this command: sudo certbot --manual --preferred-challenges=dns --email trent@riverside.rocks --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.riverside.rocks

It produced this output:

Traceback (most recent call last):
  File "/usr/bin/certbot", line 11, in <module>
    load_entry_point('certbot==0.31.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1365, in main
    return config.func(config, plugins)
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 1101, in run
    installer, authenticator = plug_sel.choose_configurator_plugins(config, plugins, "run")
  File "/usr/lib/python3/dist-packages/certbot/plugins/selection.py", line 210, in choose_configurator_plugins
    raise errors.MissingCommandlineFlag(msg)

My web server is (include version): Apache/2.4.38

The operating system my web server runs on is (include version): Debian 10

My hosting provider, if applicable, is: I self host

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0

1 Like

I think this some weird behaviour a very old version of certbot. Without specifying a specific 'subcommand', the default subcommand is run. This subcommand apparently requires (in version 0.31.0 at least) an installer plugin, which isn't selected on the command line.

If you don't need an installer plugin to install the certificate into your Apache (i.e.: after getting the certificate, you'll need to configure Apache yourself entirely), you can use the certonly subcommand by running sudo certbot certonly followed by all the other options you already used earlier.

Also, the Debian package is, like I said earlier, quite old. The certbot team nowadays recommends using "snap": https://certbot.eff.org/lets-encrypt/debianbuster-apache As the certbot team can update the snaps themselves, you'll always have the ability to run a recent version. And not be at the peril of the distribution package maintainers.