why is my certbot installing as letsencrypt? If I run `letsencrypt -renew- or some valid command it works, bet why is my certbot named letsencrypt rather than certbot? Is there a way to fix this?
Certbot used to be called âletsencryptâ. The project was renamed in 2016.
If youâre using a very old version (before 0.6.0), it will be called letsencrypt.
If youâre using a newer version, your package might install identical âcertbotâ and âletsencryptâ executables for backwards compatibility.
What OS (including version) are you using?
How did you install Certbot?
What version is it?
1 Like
OS: Ubuntu 16.04.5 LTS
How I installed certbot: I am not sure, it was a long time ago.
what version is it: letsencrypt version: 0.4.1
if I am using a very old version I must have initially installed it wrong. How can I do a clean reinstall of the latest version?
You should visit https://certbot.eff.org/ and enter your web server and OS to get instructions to install the latest version, with the name certbot.
@jsha thanks,
but now that I see it, I am pretty sure this is where I got the installation directions and did the following:
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository universe
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache
but it installed as âletsecryptâ so is there another solution?
It installs as âcertbotâ and âletsencryptâ. Theyâre identical.
What do these show?
$ sudo certbot --version
$ sudo letsencrypt --version
$ sudo apt-get upgrade
1 Like
@mnordhoff sorry I had to work for a few hours so I was away.
anyway:
$ sudo certbot --version
â> sudo: certbot: command not found
$ sudo letsencrypt --version
â> letsencrypt 0.4.1
$ sudo apt-get upgrade
output was just upgrades installing
if certbot and letsencrypt are identical, why does the software install as letsencrypt on some systems (like mine) and certbot on others?
That depends mainly on when it was installed.
But one name is just an alias to the other; so both names do exactly the same thing (on systems supporting both names).
Your ACME client is very old and only uses one name ("letsencrypt").
Step #1: Update letsencrypt/certbot.
[Do not go on to any other step before completing step #1]
The previous answer is almost exactly what I want but when I run the commands:
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository universe
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache
everything works until the last command and the output from that failed command is:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
python-certbot-apache : Depends: python3-certbot-apache but it is not going to be installed
E: Unable to correct problems, you have held broken package
I'd love to upgrade letsencrypt and turn it into certbot but I am getting that problem.. any ideae what that output means/how to fix it?
This is usually due to problems with existing packages on the system.
You can get more information by trying to install that package directly (and rinse-repeat if it complains about a different package):
apt -y install python3-certbot-apache@_az actually I get the same output when I try to just install the broken package by running that command
:\
Maybe this will show the problem:
apt -o Debug::pkgProblemResolver=true install python3-certbot-apache
I would also super double check that this step actually succeeded:
firstly:
$ sudo add-apt-repository universe
'universe' distribution component is already enabled for all sources.
the universe command did work.
Secondly:
$ apt -o Debug::pkgProblemResolver=true install python3-certbot-apache
Reading package lists... Done
Building dependency tree
Reading state information... Done
Starting pkgProblemResolver with broken count: 1
Starting 2 pkgProblemResolver with broken count: 1
Investigating (0) python3-certbot-apache [ amd64 ] < none -> 0.28.0-1+ubuntu16.04.1+certbot+3 > ( python )
Broken python3-certbot-apache:amd64 Depends on apache2 [ amd64 ] < none -> 2.4.18-2ubuntu3.9 > ( web )
Considering apache2:amd64 1 as a solution to python3-certbot-apache:amd64 9999
Reinst Failed early because of apache2-bin:amd64
Considering apache2:amd64 1 as a solution to python3-certbot-apache:amd64 9999
Considering apache2:amd64 1 as a solution to python3-certbot-apache:amd64 9999
Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
python3-certbot-apache : Depends: apache2 but it is not going to be installed
E: Unable to correct problems, you have held broken packages.
I think the nature of the issue is probably that you might have Apache installed from some different package repository, or self-built .deb package?
dpkg-query -l apache2
Edit: Unfortunately I just tried my suggested solution of "just" installing python-certbot and it does omit the Certbot Apache plugin. So that's not helpful to you.
I'm not sure how exactly to work around this apart from forcing install (skipping broken packages) or using certbot-auto instead of the PPA, @bmw might have an idea.
I think so, apache was installed by serverpilot and I think they changed apache a bit to be serverpilot apache
but I did install certbot using $ apt -y install apache2 then installed certbot with $apt install certbot but when I run $ certbot -v I get the following output:
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator None and installer None
No candidate plugin
Selected authenticator None and installer None
Certbot doesn't know how to automatically configure the web server on this system. However, it can still get a certificate for you. Please run "certbot certonly" to do so. You'll need to manually configure your web server to use the resulting certificate.
I do not know what that output means but that is how I felt last time and you immediately knew the answer, so I am guessing that again you know why that output is printed.
Oops, posted the output twice 
Ah. Server Pilot is a bit of a special snowflake. It uses custom directories for its webserver and how it manages certificates. Certbot doesnât have an understanding of that environment.
Can I ask, are you 100% sure that Apache is the server at the âfrontâ of your ServerPilot stack? The reason is, to the best of my understanding, ServerPilot usually sticks nginx in front of Apache in its configuration. This can be confirmed with something like:
ss -tlnp | grep -E "(apache|nginx)"
Finally, you might consider using this specialized community script for ServerPilot + Letâs Encrypt - https://github.com/lesaff/serverpilot-letsencrypt - rather than trying to use Certbot in the suggested way. Internally it uses certbot-auto, and it is pre-configured to deal with ServerPilot environments itself.
Yes it is nginx, you are right.
Now that I have installed certbot, are you telling me to reinstall certbot-auto using sple.sh?
Well, it's not strictly necessary. You can definitely use your currently Certbot like:
certbot certonly -d example.org --webroot -w /path/to/your/webroot
and then configure your nginx config to use that certificate.
The only reason I suggest to use that script is that it can do some of the more complicated manual steps for you, like generating your SSL virtualhosts in nginx and reloading nginx during renewals.
Since ServerPilot is not officially an environment supported by Certbot, you'd otherwise be "on your own" (or requiring community support).
oh ok thank for telling me before it became a problem, I will reinstall using sple.sh then. Do I have to remove the old versions of certbot and letsencrypt before installing certbot-auto first?
Yes, itâs a good idea to only have a single variant of Certbot installed. It could cause some problems with the configuration directory and redundant cron tasks.