Unable to create Apache certificate using certbot - URLLIB and X509 Errors


#1

Please fill out the fields below so we can help you better.

My domain is: a local domain (though I didn’t get this far)

I ran this command:
certbot --apache

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices) (Enter ‘c’ to
cancel):xxxxxx.xx.xx
An unexpected error occurred:
AttributeError: ‘X509’ object has no attribute ‘_x509’

My operating system is (include version):
CentOS Linux release 7.3.1611 (Core)

My web server is (include version):
httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Nov 14 2016 18:04:44

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

Log file output:

2017-04-08 12:00:56,411:DEBUG:certbot.main:Root logging level set at 20
2017-04-08 12:00:56,411:INFO:certbot.main:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-04-08 12:00:56,411:DEBUG:certbot.main:certbot version: 0.12.0
2017-04-08 12:00:56,411:DEBUG:certbot.main:Arguments: [’–apache’]
2017-04-08 12:00:56,411:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apac he,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalon e)
2017-04-08 12:00:56,412:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2017-04-08 12:00:57,516:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin - Beta
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.configurator:ApacheConfigurator
Initialized: <certbot_apache.configurator.ApacheConfigurator object at 0x3142450>
Prep: True
2017-04-08 12:00:57,516:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_apache.confi gurator.ApacheConfigurator object at 0x3142450> and installer <certbot_apache.configurator.ApacheCon figurator object at 0x3142450>
2017-04-08 12:01:02,568:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.or g/directory.
2017-04-08 12:01:02,588:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-04-08 12:01:02,768:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File “/bin/certbot”, line 9, in
load_entry_point(‘certbot==0.12.0’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 896, in main
return config.func(config, plugins)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 599, in run
le_client = _init_le_client(config, authenticator, installer)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 392, in _init_le_client
acc, acme = _determine_account(config)
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 377, in _determine_account
config, account_storage, tos_cb=_tos_cb)
File “/usr/lib/python2.7/site-packages/certbot/client.py”, line 128, in register
acme = acme_from_config_key(config, key)
File “/usr/lib/python2.7/site-packages/certbot/client.py”, line 42, in acme_from_config_key
return acme_client.Client(config.server, key=key, net=net)
File “/usr/lib/python2.7/site-packages/acme/client.py”, line 69, in init
self.net.get(directory).json())
File “/usr/lib/python2.7/site-packages/acme/client.py”, line 658, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/usr/lib/python2.7/site-packages/acme/client.py”, line 631, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 464, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python2.7/site-packages/requests/sessions.py”, line 576, in send
r = adapter.send(request, **kwargs)
File “/usr/lib/python2.7/site-packages/requests/adapters.py”, line 370, in send
timeout=timeout
File “/usr/lib/python2.7/site-packages/requests/packages/urllib3/connectionpool.py”, line 594, in urlopen
chunked=chunked)
File “/usr/lib/python2.7/site-packages/requests/packages/urllib3/connectionpool.py”, line 350, in _make_request
self._validate_conn(conn)
File “/usr/lib/python2.7/site-packages/requests/packages/urllib3/connectionpool.py”, line 835, in _validate_conn
conn.connect()
File “/usr/lib/python2.7/site-packages/requests/packages/urllib3/connection.py”, line 330, in conn ect
cert = self.sock.getpeercert()
File “/usr/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py”, line 324, in getpeercert
’subjectAltName’: get_subj_alt_name(x509)
File “/usr/lib/python2.7/site-packages/requests/packages/urllib3/contrib/pyopenssl.py”, line 166, in get_subj_alt_name
cert = _Certificate(openssl_backend, peer_cert._x509)
AttributeError: ‘X509’ object has no attribute ‘_x509’


#2

hi @kschroeder

Review this article

You errors seem to be related to openssl and requests library not able to connect to the LetsEncrypt API.

Andrei


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.