Unable to install certbot from launchpad

I’ve been having problems running certbot into my server in AWS, running Ubuntu 16.04.
Installed certbot a few years back, now I need to use certbot again for a new certificate.

I tried running the certbot command ( certbot-auto certonly --standalone -d [DOMAIN] ) to get a new certificate for a new domain name but this is the error I received:

Requesting to rerun /usr/local/bin/certbot-auto with root privileges...
Bootstrapping dependencies for Debian-based OSes... (you can skip this with --no-bootstrap)
Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [109 kB]
Hit:2 http://ap-southeast-1.ec2.archive.ubuntu.com/ubuntu xenial InRelease                                                                         
Hit:3 http://ap-southeast-1.ec2.archive.ubuntu.com/ubuntu xenial-updates InRelease                                        
Hit:4 http://ap-southeast-1.ec2.archive.ubuntu.com/ubuntu xenial-backports InRelease               
Err:5 http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease                             
Cannot initiate the connection to ppa.launchpad.net:80 (2001:67c:1560:8008::15). - connect     (101: Network is unreachable) [IP: 2001:67c:1560:8008::15 80]
Err:6 http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease
Cannot initiate the connection to ppa.launchpad.net:80 (2001:67c:1560:8008::15). - connect (101: Network is unreachable) [IP: 2001:67c:1560:8008::15 80]
Fetched 109 kB in 2min 0s (907 B/s)
Reading package lists... Done
W: Failed to fetch http://ppa.launchpad.net/certbot/certbot/ubuntu/dists/xenial/InRelease  Cannot initiate the connection to ppa.launchpad.net:80 (2001:67c:1560:8008::15). - connect (101: Network is unreachable) [IP: 2001:67c:1560:8008::15 80]
W: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/dists/xenial/InRelease  Cannot initiate the connection to ppa.launchpad.net:80 (2001:67c:1560:8008::15). - connect (101: Network is unreachable) [IP: 2001:67c:1560:8008::15 80]
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree       
Reading state information... Done
gcc is already the newest version (4:5.3.1-1ubuntu1).
libffi-dev is already the newest version (3.2.1-4).
augeas-lenses is already the newest version (1.4.0-0ubuntu1.1).
ca-certificates is already the newest version (20170717~16.04.2).
libaugeas0 is already the newest version (1.4.0-0ubuntu1.1).
python is already the newest version (2.7.12-1~16.04).
python-dev is already the newest version (2.7.12-1~16.04).
python-virtualenv is already the newest version (15.0.1+ds-3ubuntu1).
virtualenv is already the newest version (15.0.1+ds-3ubuntu1).
libssl-dev is already the newest version (1.1.1d-1+ubuntu16.04.1+deb.sury.org+2).
openssl is already the newest version (1.1.0h-2.0+ubuntu16.04.1+deb.sury.org+1).
0 upgraded, 0 newly installed, 0 to remove and 245 not upgraded.
WARNING: unable to check for updates.
Creating virtual environment...
Installing Python packages...
Traceback (most recent call last):
  File "/tmp/tmp.jdJBLuxgNc/pipstrap.py", line 177, in <module>
sys.exit(main())
  File "/tmp/tmp.jdJBLuxgNc/pipstrap.py", line 158, in main
for path, digest in PACKAGES]
  File "/tmp/tmp.jdJBLuxgNc/pipstrap.py", line 117, in hashed_download
response = opener(using_https=parsed_url.scheme == 'https').open(url)
  File "/usr/lib/python2.7/urllib2.py", line 435, in open
response = meth(req, response)
  File "/usr/lib/python2.7/urllib2.py", line 548, in http_response
'http', request, response, code, msg, hdrs)
  File "/usr/lib/python2.7/urllib2.py", line 467, in error
result = self._call_chain(*args)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 654, in http_error_302
return self.parent.open(new, timeout=req.timeout)
  File "/usr/lib/python2.7/urllib2.py", line 435, in open
response = meth(req, response)
  File "/usr/lib/python2.7/urllib2.py", line 548, in http_response
'http', request, response, code, msg, hdrs)
  File "/usr/lib/python2.7/urllib2.py", line 467, in error
result = self._call_chain(*args)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 654, in http_error_302
return self.parent.open(new, timeout=req.timeout)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
'_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1241, in https_open
context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1198, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [Errno 101] Network is unreachable>

I’ve tried sudo add-apt-repository ppa:certbot/certbot but it just hangs there.

If I try to sudo apt-get update, it returns this:

Hit:1 http://ap-southeast-1.ec2.archive.ubuntu.com/ubuntu xenial InRelease
Hit:2 http://ap-southeast-1.ec2.archive.ubuntu.com/ubuntu xenial-updates InRelease     
Hit:3 http://ap-southeast-1.ec2.archive.ubuntu.com/ubuntu xenial-backports InRelease   
Get:4 http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease [24.3 kB]                                 
Ign:4 http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease                                                           
Err:5 http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease                                                                
  Cannot initiate the connection to ppa.launchpad.net:80 (2001:67c:1560:8008::15). - connect (101: Network is unreachable) [IP: 2001:67c:1560:8008::15 80]
Get:6 http://security.ubuntu.com/ubuntu xenial-security InRelease [109 kB]                            
Fetched 134 kB in 6min 1s (369 B/s)                                                                                                                
Reading package lists... Done
W: GPG error: http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8C47BE8E75BCA694
W: The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu xenial InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/dists/xenial/InRelease  Cannot initiate the connection to ppa.launchpad.net:80 (2001:67c:1560:8008::15). - connect (101: Network is unreachable) [IP: 2001:67c:1560:8008::15 80]
W: Some index files failed to download. They have been ignored, or old ones used instead.

Is launchpad down? Or is there something wrong with my settings? What can I do to resolve this issue so I can create a new SSL cert for my new domain?

1 Like

I can reach that IPv6 host just fine, so it seems that it would come down to either your configuration or your ISP.

Do you usually have IPv6 working?

Perhaps you can try temporarily force apt to use IPv4 only.

1 Like

I’ve disabled ipv6 and tested it again. Still couldn’t get a new cert.
I can update the packages if I run sudo apt-get -oAcquire::Http::Proxy= update
But certbot-auto commands still can’t work.

Fetched 1,425 kB in 2min 0s (11.8 kB/s)            
Reading package lists... Done
W: Failed to fetch http://ppa.launchpad.net/ondrej/php/ubuntu/dists/xenial/InRelease  Could not connect to ppa.launchpad.net:80 (91.189.95.83), connection timed out
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree       
Reading state information... Done
gcc is already the newest version (4:5.3.1-1ubuntu1).
libffi-dev is already the newest version (3.2.1-4).
augeas-lenses is already the newest version (1.4.0-0ubuntu1.1).
ca-certificates is already the newest version (20170717~16.04.2).
libaugeas0 is already the newest version (1.4.0-0ubuntu1.1).
python is already the newest version (2.7.12-1~16.04).
python-dev is already the newest version (2.7.12-1~16.04).
python-virtualenv is already the newest version (15.0.1+ds-3ubuntu1).
virtualenv is already the newest version (15.0.1+ds-3ubuntu1).
libssl-dev is already the newest version (1.1.1d-1+ubuntu16.04.1+deb.sury.org+2).
openssl is already the newest version (1.1.0h-2.0+ubuntu16.04.1+deb.sury.org+1).
0 upgraded, 0 newly installed, 0 to remove and 243 not upgraded.
WARNING: unable to check for updates.
Creating virtual environment...
Installing Python packages...
Traceback (most recent call last):
  File "/tmp/tmp.M7u5UgRTc9/pipstrap.py", line 177, in <module>
    sys.exit(main())
  File "/tmp/tmp.M7u5UgRTc9/pipstrap.py", line 158, in main
    for path, digest in PACKAGES]
  File "/tmp/tmp.M7u5UgRTc9/pipstrap.py", line 117, in hashed_download
    response = opener(using_https=parsed_url.scheme == 'https').open(url)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1241, in https_open
    context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1198, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [Errno 99] Cannot assign requested address>

So your system has an HTTP proxy setup?

Is $http_proxy set?

I didn’t set up HTTP proxy.

echo $http_proxy

returns blank

What else could be the issue? I managed to update my php version via ppa.launchpad.net a few months ago and I haven’t touched the server since then. That time, it took me a long time and a lot of retries to update php.

curl -v ppa.launchpad.net

might help. At least, it will reveal if there’s a proxy coming from the environment.

1 Like