Renew Error:No module named cryptography.hazmat.bindings.openssl.binding

I do the force renewal for the certificate but I get the error as shown below. Can anyone help? Thanks.

letsencrypt]$ ./letsencrypt-auto --force-renewal
Requesting to rerun ./letsencrypt-auto with root privileges…
Error: couldn’t get currently installed version for /opt/
Traceback (most recent call last):
File “/opt/”, line 7, in
from certbot.main import main
File “/opt/”, line 10, in
import josepy as jose
File “/opt/”, line 41, in
from josepy.interfaces import JSONDeSerializable
File “/opt/”, line 8, in
from josepy import errors, util
File “/opt/”, line 4, in
import OpenSSL
File “/opt/”, line 8, in
from OpenSSL import rand, crypto, SSL
File “/opt/”, line 12, in
from OpenSSL._util import (
File “/opt/”, line 6, in
from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding

Have you tried running with sudo?

Hi Jared.m, it didn’t work.

Hm, well, letsencrypt-auto is a really old name for certbot-auto. You might try installing a newer version. It’s not unreasonable to suspect that you might be having obsolescence issues.

That should be fine, probably. Regardless of the executable’s name, the use of “/opt/” shows that certbot-auto has successfully updated itself to a fairly recent version.

It’s probably an old install that has updated itself to the current version over time.

I don’t know what’s going wrong. :confused:


@bv1, could you answer the questions below?

Including what happened when you ran it with sudo.

It sounds like a known compatibility issue with Amazon Linux, that has a number of hacky workarounds, but not an official fix yet. :slightly_frowning_face:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Although using this name is a sign of following an out-of-date tutorial or other out-of-date documentation, the letsencrypt-auto updater still continues to update to the newest Certbot release, even today. :slight_smile:

Hello All, I did the sudo and the result was exactly the same as I post it in the question asking to solve the issue. It did not work.

I found the solution. The problem is solved. I got the certificate renew.

The solution steps:

  1. Install the cryptography: pip install cryptography
  2. In Lib64, link dist-packages to site-package of python2.7: ln -s dist-packages site-pagages
  3. Run renew with letsencrypt-auto or certbot-auto

Thanks to Jared.m, monodoff, schoen.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.