Installing Certbot while ignoring Cryptography

dumdedumda · August 20, 2022, 12:41am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: dumdedumda.duckdns.org

I ran this command: sudo /opt/certbot/bin/pip install certbot

It produced this output:

      Python: 3.7.3
      platform: Linux-5.18.6-kirkwood-tld-1-armv5tel-with-debian-10.12
      pip: n/a
      setuptools: 65.1.0
      setuptools_rust: 1.5.1
      =============================DEBUG ASSISTANCE=============================

error: Rust 1.34.2 does not match extension requirement >=1.41.0
[end of output]

note: This error originates from a subprocess, and is likely not a problem with pip.
ERROR: Failed building wheel for cryptography
Failed to build cryptography
ERROR: Could not build wheels for cryptography, which is required to install pyproject.toml-based projects

Additional details & question: I was able to successfully install cryptography 3.1.1 as noted by:
"sudouser@debian:~$ sudo pip3 install cryptography
Requirement already satisfied: cryptography in /usr/local/lib/python3.7/dist-packages (3.1.1)"
&
"sudouser@debian:~$ sudo pip list
Package Version

cryptography 3.1.1
pip 22.2.2
pycparser 2.21
pycurl 7.43.0.2
PyGObject 3.30.4
python-apt 1.8.4.3
setuptools 65.1.0
six 1.16.0"

Any way to get Certbot installer to ignore Cryptography installation?

My web server is (include version): Apache/2.4.38 (Debian)

The operating system my web server runs on is (include version): Linux

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): N/A

Bruce5051 · August 20, 2022, 12:56am

Hello @dumdedumda, welcome to the Let's Encrypt community.

May suggest trying this method of installing Certbot Certbot Instructions | Certbot this specific for Apache on Debian.

Here is the more general link Certbot Instructions | Certbot
And the Certbot home page https://certbot.eff.org/

Bruce5051 · August 20, 2022, 1:00am

Note I do not find any DNS Records for your domain DNS Lookup - Check All DNS Records for Any Domain

Osiris · August 20, 2022, 7:17am

Rust is required by cryptography to build certain parts of it and it seems your installed rust is too old.

Certbot requires cryptography>=2.5.0 which is already installed, but not in the virtual environment. So pip tries to install it anyway, requiring Rust again.

Personally, I would NOT install any pip package outside a virtual environment (i.e., globally in /usr/local/lib/pythonx.y). Installing stuff globally using pip is asking for more and more dependency troubles.

I'm not sure if pip can just ignore installing cryptography in the venv, but I also do not recommend it. I'd update Rust to a version of 1.41.0 or above and just install everything from within the venv.

Alternatively you could try other methods of installing Certbot as already mentioned. The Certbot team recommends the snap method.

Edit: It looks like the package rust-all on Debian sid is already at version 1.59.0, so shouldn't be too hard to update Rust.

system · September 19, 2022, 7:18am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.