Lets'Encrypt v0.28.0 stopped working on Debian 8


#1

Lets’Encrypt version 0.28.0 stopped working on Debian 8: https://github.com/certbot/certbot/issues/6494

The problem is noticed only on Debian 8, it works fine on CentOS 7. But I have many servers on Debian 8 already configured and in operation:
top - 16:51:06 up 464 days, 47 min
The SSL generation worked for a year. With the release of the new Lets’Encrypt certificate update has stopped working.

If I run command for the installation cert, I get the following error:

Traceback (most recent call last):
File “/tmp/tmp.hNEUDqk88D/pipstrap.py”, line 184, in
exit(main())
File “/tmp/tmp.hNEUDqk88D/pipstrap.py”, line 165, in main
for path, digest in PACKAGES]
File “/tmp/tmp.hNEUDqk88D/pipstrap.py”, line 120, in hashed_download
response = opener(using_https=parsed_url.scheme == ‘https’).open(url)
File “/usr/lib/python2.7/urllib2.py”, line 437, in open
response = meth(req, response)
File “/usr/lib/python2.7/urllib2.py”, line 550, in http_response
‘http’, request, response, code, msg, hdrs)
File “/usr/lib/python2.7/urllib2.py”, line 469, in error
result = self._call_chain(*args)
File “/usr/lib/python2.7/urllib2.py”, line 409, in _call_chain
result = func(*args)
File “/usr/lib/python2.7/urllib2.py”, line 656, in http_error_302
return self.parent.open(new, timeout=req.timeout)
File “/usr/lib/python2.7/urllib2.py”, line 437, in open
response = meth(req, response)
File “/usr/lib/python2.7/urllib2.py”, line 550, in http_response
‘http’, request, response, code, msg, hdrs)
File “/usr/lib/python2.7/urllib2.py”, line 475, in error
return self._call_chain(*args)
File “/usr/lib/python2.7/urllib2.py”, line 409, in _call_chain
result = func(*args)
File “/usr/lib/python2.7/urllib2.py”, line 558, in http_error_default
raise HTTPError(req.get_full_url(), code, msg, hdrs, fp)
urllib2.HTTPError: HTTP Error 503: Backend is unhealthy

I checked on an empty newly installed Debian 8 OVH server error too:


#2

Hi,

The HTTP error “503: Backend is unhealthy” is probably not your fault, but an external service broken, using fastly:

https://docs.fastly.com/guides/debugging/common-503-errors#error-503-backend-is-unhealthy

According to the callstack, it seams it’s during a python install, so the problem seams to not be on let’s encrypt side.

Can you retry again? The problem will most probably be fixed shortly. See @mnordhoff’s post


#3

In particular, PyPI – the Python package service certbot-auto downloads stuff from – uses Fastly.

Their status page currently reports ongoing database maintenance that shouldn’t affect package installation.

https://status.python.org/