Updating to latest version displays old

Good afternoon guys, just a quick question. I have recently updated certbot on all my servers so that the changes to authorisation will not effect my cron renewals. However, on two of my servers, after updating to v 0.29 the version is displayed correctly when querying the version. However, on others after updating and querying the version is still displays v 0.27 which is not correct. Further efforts to update it results in saying v 0.29 is already installed.

See imgBB link below, Is this a bug or is the correct version really not installed?

Image > https://ibb.co/MC8tvcN

What’s your distro?

lsb_release -a
cat /etc/os-release

CentOS 7 release 7.5.1804, they are all the same.

Maybe double check that this server still has epel-release installed and it can actually connect to the mirror? yum clean all maybe?

What’s yum info python2-certbot-apache show?

Fresh CentOS 7 environment w/ epel-release:

[root@252e07770802 /]# yum info python2-certbot-apache
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
* base: centos.mirror.ausnetservers.net.au
* epel: epel.mirror.digitalpacific.com.au
* extras: mirror.ventraip.net.au
* updates: centos.mirror.ausnetservers.net.au
Available Packages
Name        : python2-certbot-apache
Arch        : noarch
Version     : 0.29.1
Release     : 1.el7
Size        : 227 k
Repo        : epel/x86_64
Summary     : The apache plugin for certbot
URL         : https://pypi.python.org/pypi/certbot-apache
License     : ASL 2.0
Description : Plugin for certbot that allows for automatic configuration of apache

This is what I get when I run the command you suggested: yum info python2-certbot-apache

[root@itmserver-three ~]# yum info python2-certbot-apache
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.clouvider.net
 * epel: www.mirrorservice.org
 * extras: mirrors.clouvider.net
 * updates: mirrors.clouvider.net
Installed Packages
Name        : python2-certbot-apache
Arch        : noarch
Version     : 0.29.1
Release     : 1.el7
Size        : 906 k
Repo        : installed
From repo   : epel
Summary     : The apache plugin for certbot
URL         : https://pypi.python.org/pypi/certbot-apache
License     : ASL 2.0
Description : Plugin for certbot that allows for automatic configuration of
            : apache

So identical to what yours displays. I tried again with the update and --version and still saying 0.27

Oh, I totally misread your screenshot. Sorry.

It seems like you probably have multiple Certbot packages installed.

rpm -qa | grep -iE "(letsencrypt|certbot)"
which -a certbot

No problem, just as a side note: I'm not a expert when it comes to server commands so I'm going on a whim with what you're suggesting. This is what I get:
> > [root@itmserver-three ~]# rpm -qa | grep -iE "(letsencrypt|certbot)"

    > certbot-0.25.1-1.el7.noarch
    > python2-certbot-dns-google-0.25.1-1.el7.noarch
    > python2-certbot-0.27.1-1.el7.noarch
    > python2-certbot-apache-0.29.1-1.el7.noarch
    > [root@itmserver-three ~]# which -a certbot
    > /usr/bin/certbot

You have 0.25, 0.27 and 0.29 installed simultaneously, somehow.

If it was me I would try to basically remove all of them and start again, but @bmw might have some input about how you got here and what the best way to fix it is.

Ahh I see, I can see why this might be an issue then. Thank you for your aid, would it be possible to just remove the older versions and keep 0.29 without having to re-do the whole lot?

My only concern is that the removal of the older packages doesn’t accidentally remove dependencies used by the newer version (they shouldn’t, but who knows with this kind of thing ).

You can try it, not exactly sure what will happen.

You can uninstall all of them and your certificates and renewal settings should always be preserved in /etc/letsencrypt, but you can take a backup of that directory if paranoid.

I’m always paranoid with this sort of thing, as I said I’m not competent with back-end I’m afraid

Idiot question incoming, how does one go about removing them? Apologies in advance for the induced face-palm.

If someone could shed some light on how to remove certbot from my server that would be grand, done some searches and they mostly relate to removing certificates rather than the program itself.

What’s going on here is Certbot is broken up into multiple components and only some of them have upgraded. This is fine in theory, but you should be able to upgrade them all to the latest version without removing them first by running something like:

yum update certbot python2-certbot-dns-google python2-certbot

Hello BMW!

Thank you for your reply, I executed what you recommended, however upon querying the verison I'm now faced with this:

Traceback (most recent call last):
File "/usr/bin/certbot", line 5, in
from pkg_resources import load_entry_point
File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 3011, in
parse_requirements(requires), Environment()
File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 626, in resolve
raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: acme>=0.29.0

As a side note: I run this first on one of my servers that was successfully showing v 0.29 and running the recommended command resulted in no errors.

Looks like you’ve found a bug in the packages being offered by EPEL. The package should depend on python2-acme version 0.29.0 or greater but it does not. I’ll report this to the package maintainers.

You can just run yum update to update all of packages on your system which is a good idea unless you have an explicit reason not to do so. Alternatively, you can just update the acme package by running yum update python2-acme and try running Certbot again.

Hello again,

Thank you for your quick response! Manually updating the acme package fixed the issue, now running:

certbot --version

results in the correct v now functioning (certbot 0.30.2 as of now).
Much appreciation for your help!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.