Not clear to me how to update from ACMEv1 to ACMEv2

Help
1

I am running https://www.netsecconsult.com on an AWS Linux AMI running Apache/2.2.34
“yum” is the tool used to grab software from repositories.

Have received several e-mails regarding upgrading to ACMEv2, however my certs look fine and test fine.

my “crontab -l” shows certbot running properly
0 1,13 * * * /home/ec2-user/certbot-auto renew

and I see no errors when I run against Qulays’ SSLlabs.

Do not see any need to upgrade but I am still getting e-mails from you. If I do need to upgrade the instructions are not very clear. Any help would be appreciated.

2

Hi @intheclouds

Ssllabs isn’t relevant, if you have created certificates.

Check your certbot config files if there is an acme-v01.api.letsencrypt.org string used.

If yes, update to acme-v02.api.letsencrypt.org.

3

Please show the output of:
/home/ec2-user/certbot-auto --version

4

[ec2-user@www ~]$ ./certbot-auto --version

Requesting to rerun ./certbot-auto with root privileges…

Upgrading certbot-auto 1.4.0 to 1.5.0…

Replacing certbot-auto…

Creating virtual environment…

Installing Python packages…

Installation succeeded.

Traceback (most recent call last):

File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 7, in

from certbot.main import main

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py”, line 2, in

from certbot._internal import main as internal_main

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/_internal/main.py”, line 10, in

import josepy as jose

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/init.py”, line 41, in

from josepy.interfaces import JSONDeSerializable

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py”, line 7, in

from josepy import errors, util

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py”, line 7, in

import OpenSSL

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/init.py”, line 8, in

from OpenSSL import crypto, SSL

File “/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/crypto.py”, line 12, in

from cryptography import x509

ImportError: No module named cryptography

[ec2-user@www ~]$

5

It looks like you may have multiple versions of python installed or outdated packages…

7

Any idea how to resolve this? I have not touched this certbot app in almost two years. The version of python that the certbot app is using appears old (2.7.x) yet the machine was built in July 2018 and has been constantly updated since.