I have an aws Linux AMI running an httpd server for a non profit’s website.
I set up an ssl certificate with cert bot back in Oct-Nov of last year. Everything went smooth. Was able to manually renew the certificates in January. Was having an issue where running dry run and updating was wiping out my httpd.conf section that had my 443 virtual host entry, which is why I am updating manually.
Went to go update today and recieved this
was reading about the cryptography.hazmat.bindings.openssl.binding missing and found a solution to the issue online that required installing some libraries with pip
went to run the command and got this
[ec2-user@ip-172-31-0-238 ~]$ pip install --upgrade pip Collecting pip Downloading pip-9.0.3-py2.py3-none-any.whl (1.4MB) 100% |████████████████████████████████| 1.4MB 818kB/s Installing collected packages: pip Found existing installation: pip 9.0.1 Uninstalling pip-9.0.1: Exception: Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 215, in main status = self.run(options, args) File "/usr/lib/python2.7/dist-packages/pip/commands/install.py", line 342, in run prefix=options.prefix_path, File "/usr/lib/python2.7/dist-packages/pip/req/req_set.py", line 778, in install requirement.uninstall(auto_confirm=True) File "/usr/lib/python2.7/dist-packages/pip/req/req_install.py", line 754, in uninstall paths_to_remove.remove(auto_confirm) File "/usr/lib/python2.7/dist-packages/pip/req/req_uninstall.py", line 115, in remove renames(path, new_path) File "/usr/lib/python2.7/dist-packages/pip/utils/__init__.py", line 267, in renames shutil.move(old, new) File "/usr/lib64/python2.7/shutil.py", line 303, in move os.unlink(src) OSError: [Errno 13] Permission denied: '/usr/bin/pip' You are using pip version 9.0.1, however version 9.0.3 is available. You should consider upgrading via the 'pip install --upgrade pip' command. [ec2-user@ip-172-31-0-238 ~]$ sudo pip install --upgrade pip Collecting pip Using cached pip-9.0.3-py2.py3-none-any.whl Installing collected packages: pip Found existing installation: pip 9.0.1 Uninstalling pip-9.0.1: Successfully uninstalled pip-9.0.1 Successfully installed pip-9.0.3 Now pip isn't being recognized. but appears to be installed.
At this point I am wondering if I should just remove certbot-auto commandline tool and reinstall? What would that do to the current certificates? If i just remove the command line tool, they would still work being in the /letsencrypt folder
I think I would then set up a wildcard certificate for the site.
I’m just worried that the more I brute force my way through this I could wack up how the server is set up - it was set up and configured by someone else a few years ago before I started helping out. I have a decent grasp on linux and command line, however httpd and the aws linux is somewhat new for me.
Any advice would be appreciated