ImportError: No module named cryptography

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: feed.hamptons-international.com

I ran this command: certbot-auto --help

It produced this output:
$ certbot-auto --help
Requesting to rerun /usr/local/bin/certbot-auto with root privileges…
Error: couldn’t get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 7, in
from certbot.main import main
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py”, line 2, in
from certbot._internal import main as internal_main
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/_internal/main.py”, line 10, in
import josepy as jose
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/init.py”, line 41, in
from josepy.interfaces import JSONDeSerializable
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py”, line 7, in
from josepy import errors, util
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py”, line 7, in
import OpenSSL
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/init.py”, line 8, in
from OpenSSL import crypto, SSL
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/crypto.py”, line 12, in
from cryptography import x509
ImportError: No module named cryptography

My web server is (include version):
$ httpd -v
Server version: Apache/2.4.43 (Amazon)
Server built: May 14 2020 18:12:28

The operating system my web server runs on is (include version):
$ cat /etc/system-release
Amazon Linux AMI release 2018.03

My hosting provider, if applicable, is:
Amazon (EC2)

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
$ certbot-auto --version
Requesting to rerun /usr/local/bin/certbot-auto with root privileges…
Error: couldn’t get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 7, in
from certbot.main import main
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py”, line 2, in
from certbot._internal import main as internal_main
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/_internal/main.py”, line 10, in
import josepy as jose
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/init.py”, line 41, in
from josepy.interfaces import JSONDeSerializable
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py”, line 7, in
from josepy import errors, util
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py”, line 7, in
import OpenSSL
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/init.py”, line 8, in
from OpenSSL import crypto, SSL
File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/crypto.py”, line 12, in
from cryptography import x509
ImportError: No module named cryptography

1 Like

I found this post Amazon Linux -> ImportError: No module named cryptography.hazmat.bindings.openssl.binding - #4 by xinxilas
that gave the following solution
/opt/eff.org/certbot/venv/local/bin/pip install cryptography interface
In my case I had to use sudo with it.
After this, when I issued certbot-auto --help I got
$ certbot-auto --help
Requesting to rerun /usr/local/bin/certbot-auto with root privileges...
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in
from certbot.main import main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 2, in
from certbot._internal import main as internal_main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/_internal/main.py", line 11, in
import zope.component
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/component/init.py", line 23, in
from zope.component.interfaces import IComponentArchitecture
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/component/interfaces.py", line 21, in
import zope.deferredimport
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/deferredimport/init.py", line 1, in
from zope.deferredimport.deferredmodule import initialize
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/deferredimport/deferredmodule.py", line 18, in
import zope.proxy
ImportError: No module named proxy

I know very little about python so should I just do the same for the proxy module?
ie
sudo /opt/eff.org/certbot/venv/local/bin/pip install proxy

1 Like

Well I tried it, but no luck

$ sudo /opt/eff.org/certbot/venv/local/bin/pip install proxy
Collecting proxy
  Downloading https://files.pythonhosted.org/packages/56/a0/fd0b0b4bb6dfc6c1feae51201ba403624e40af554a21168591af305a6cbc/proxy-0.0.1-py2.py3-none-any.whl
Installing collected packages: proxy
Successfully installed proxy-0.0.1
You are using pip version 9.0.1, however version 20.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.


$ certbot-auto --help
Requesting to rerun /usr/local/bin/certbot-auto with root privileges...
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 2, in <module>
    from certbot._internal import main as internal_main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/_internal/main.py", line 11, in <module>
    import zope.component
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/component/__init__.py", line 23, in <module>
    from zope.component.interfaces import IComponentArchitecture
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/component/interfaces.py", line 21, in <module>
    import zope.deferredimport
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/deferredimport/__init__.py", line 1, in <module>
    from zope.deferredimport.deferredmodule import initialize
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/deferredimport/deferredmodule.py", line 18, in <module>
    import zope.proxy
ImportError: No module named proxy
1 Like

you want to do:

sudo /opt/eff.org/certbot/venv/local/bin/pip install zope.proxy

I don't know why the certbot installer is not installing these things. It looks like you opened a ticket on Certbot, which I think is the right thing to do!

2 Likes

I just noticed these 2 lines..

pip 9.0.1 is very old - from Nov 2016.

you should upgrade it, as described above... but you should also take a moment to audit your server and see what else needs to be updated.

1 Like

Thanks jvanasco, I did notice those notices about the pip version, but they did say “You should consider upgrading…” and as I was not sure what effect this might have on other python code running on the box as part of the ec2/beanstalk infrastructure management I was reluctant to meddle. This issue is in a newly created beanstalk single ec2 instance environment, albeit with an outdated php5.6 runtime for a legacy app.

1 Like

Thanks jvanasco, I’ll try this first thing Monday :+1:

2 Likes

pip is just the package installer, which communicates with Python’s repository - or installs your proprietary code. It’s built with the standard library and third-party libraries that are “vendored”, so upgrading it will not trigger upgrading other packages. You can invoke pip freeze and save the output - that is just a listing of all the current 3rd party packages and their version numbers - to know exactly what is running on the server at that time.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.