I accidentally upgraded certbot-auto before to do renew, and it fails to renew with following error

ouoabcde · April 2, 2019, 10:45am

I ran this command:
sudo -i

./certbot-auto --version
./certbot-auto renew --debug

It produced this output:
Error: couldn’t get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 7, in
from certbot.main import main
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py”, line 10, in
import josepy as jose
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/init.py”, line 44, in
from josepy.interfaces import JSONDeSerializable
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py”, line 8, in
from josepy import errors, util
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py”, line 4, in
import OpenSSL
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/init.py”, line 8, in
from OpenSSL import crypto, SSL
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/crypto.py”, line 12, in
from cryptography import x509
ImportError: No module named cryptography

My web server is (include version):
nginx

The operating system my web server runs on is (include version):
amazon linux AMI

My hosting provider, if applicable, is:
AWS

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
when I tyoe ‘./certbot-auto --version’, above error shows. But it was 0.32.0 when I upgraded accidentally before to renew the certbot-auto.

When I searched about ImportError: No module named cryptography which is the last line of the error, every body was asking about this error ImportError: No module named cryptography.hazmat.bindings.openssl.binding. But this is not the one what I got. And when I just followed the solution that people saying about ‘ImportError: No module named cryptography.hazmat.bindings.openssl.binding’ this - the solution they were talking about was /opt/eff.org/certbot/venv/local/bin/pip install cryptography - and typed ‘./certbot-auto renew --debug’ again, I got the same error as shown above.

cf) I didn’t know that this ./certbot-auto --version was upgrading itself. So my certbot-auto version was upgraded to 0.27.1 -> 0.32.0. I think this is the reason that I get the error different from others, but I can’t fix mine. Please help me. Thanks

rg305 · April 2, 2019, 2:48pm

OpenSSL is mentioned in the debug.
Which version of OpenSSL are you using?

ouoabcde · April 3, 2019, 1:51am

Hi. The server’s OpenSSL version is OpenSSL 1.0.2k-fips 26 Jan 2017. And when I typed ./certbot-auto --version without sudo -i, and I received the message that
Requesting to rerun ./certbot-auto with root privileges…
Upgrading certbot-auto 0.30.0 to 0.32.0…
Replacing certbot-auto…
Error: couldn’t get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt: (and following the same error log as above)
So it seems like my server’s certbot-auto version is 0.30.0.

rg305 · April 3, 2019, 11:09pm

You can backup the directory if you want to, but it should be safe to just completely delete the directory:
/opt/eff.org/certbot

Then rerun/reinstall certbot-auto.

system · May 3, 2019, 11:09pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.