Lib has no attributes

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email -d

It produced this output: AttributeError: module 'lib' has no attribute 'X509_get_notAfter'
2022-05-28 12:49:50,078:ERROR:certbot.log:An unexpected error occurred:

My web server is (include version): nginx 1.18.0

The operating system my web server runs on is (include version): Ubuntu 20.0.4

My hosting provider, if applicable, is:Hetzner

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.40.

2022-05-28 12:49:50,076:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in
load_entry_point('certbot==0.40.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/", line 1382, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/", line 1128, in run
should_get_cert, lineage = _find_cert(config, domains, certname)
File "/usr/lib/python3/dist-packages/certbot/", line 287, in _find_cert
action, lineage = _find_lineage_for_domains_and_certname(config, domains, certname)
File "/usr/lib/python3/dist-packages/certbot/", line 314, in _find_lineage_for_domains_and_certname
return _find_lineage_for_domains(config, domains)
File "/usr/lib/python3/dist-packages/certbot/", line 264, in _find_lineage_for_domains
return _handle_identical_cert_request(config, ident_names_cert)
File "/usr/lib/python3/dist-packages/certbot/", line 196, in _handle_identical_cert_request
if renewal.should_renew(config, lineage):
File "/usr/lib/python3/dist-packages/certbot/", line 278, in should_renew
if lineage.should_autorenew():
File "/usr/lib/python3/dist-packages/certbot/", line 943, in should_autorenew
expiry = crypto_util.notAfter(self.version(
File "/usr/lib/python3/dist-packages/certbot/", line 432, in notAfter
return _notAfterBefore(cert_path, crypto.X509.get_notAfter)
File "/usr/lib/python3/dist-packages/certbot/", line 451, in _notAfterBefore
timestamp = method(x509)
File "/usr/local/lib/python3.8/dist-packages/OpenSSL/", line 1378, in get_notAfter
return self._get_boundary_time(_lib.X509_get_notAfter)
AttributeError: module 'lib' has no attribute 'X509_get_notAfter'
2022-05-28 12:49:50,078:ERROR:certbot.log:An unexpected error occurred:

I don't know why you would get that error. It seems like the apt version of certbot isn't working right.

But Ubuntu 20 supports the snap install for certbot. Using snap will ensure you get the latest Certbot version. See below for install for nginx on Ubuntu 20. This will probably fix your problem.


You've used pip to install the library pyopenssl system wide. This is asking for dependency problems!

In this case, cryptography is relying on a newer version of pyopenssl (20.0.0 or newer) than you currently have installed.

Also, using pip globally and system packages mixed together is probably also asking for problems.

Solution 1: don't use pip globally, only use pip in virtual environments to prevent dependency issues.

Solution 2: use snap to install Certbot as @MikeMcQ already said.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.