Versions dont match...?

hello - its been too long since i have freaked out over a certbot issue, so this is overdue:

certbot-auto --version ;

certbot 1.9.0

certbot --version ;

certbot 1.7.0

do i need to be concerned that the versions do not match?

Centos 8 installation.

1 Like

Welcome Back to the Let's Encrypt Community, Mark :slightly_smiling_face:

It appears that you have multiple versions of certbot installed. What webserver software are you using?

1 Like

To answer that specific question: no, that's to be expected. certbot-auto will (by default at least) always update itself to the most recent version. The regular command certbot doesn't auto-update.

To answer your thread more generic: having two certbot installations at the same time is probably not what you want. They might interfere with each other. Perhaps you have multiple cronjobs/systemd timers running to?

Looking at the version of certbot and your distribution version, I assume you've installed certbot with snap? I would suggest to continue using the certbot snap and keep it up to date by the regular update methods that are available. The certbot-auto script is being deprecated and I would advice to remove it from your system. The certbot snaps are also updated regulary when a new certbot version is released.

3 Likes

apache version:

httpd -v ;

Server version: Apache/2.4.37 (centos)
Server built: Sep 15 2020 15:41:16

1 Like

certbot installation:

dnf -y install certbot ;

1 Like

@Osiris is way ahead of me. :slightly_smiling_face:

You would probably benefit from installing certbot via snap if you have not already done so. Part of that installation involves removing old certbot versions.

If you have any Certbot packages installed using an OS package manager like apt, dnf, or yum, you should remove them before installing the Certbot snap to ensure that when you run the command certbot the snap is used rather than the installation from your OS package manager. The exact command to do this depends on your OS, but common examples are sudo apt-get remove certbot, sudo dnf remove certbot, or sudo yum remove certbot.

2 Likes

dumb question, but do we even need certbot-auto anymore since it is being deprecated?

is there an equivalent command just by using certbot?

i am thinking just stick with dnf/yum since that rarely (if ever) has any issues, unless using snap (& newer versions) might be beneficial in some way.

EDIT: snap looks pretty straighforward: i figure if its installed with dnf(yum) its perfectly acceptable. using rpm packages in the past has gotten me into trouble.

1 Like

Nope. A very wise question, actually.

Equivalent to what?

I believe that snap is the direction that certbot is leaning for future releases (likely due to its OS-agnostic nature).

Not exactly sure how to advise here. You could just try it and see what happens. The general trend I've noticed is overwhelmingly positive.

1 Like

certbot-auto is just a wrapper script around the Python certbot program. It does have a few script-specific options, but you wouldn't need those options with the regular certbot program anyway. All other command line options for certbot-auto are passed through to the certbot program. So besides that the commands certbot and certbot-auto are equal.

2 Likes

interesting opinion on using Snap.

this worked fine for installing 1.9 as per the Snap link:

dnf --enablerepo=epel-testing install certbot ;

KernelOops also posted an interesting opinion about using Certbot in the same forum and recommended using dehydrated and acme.sh instead.

1 Like

Too bad I didn't see any arguments. Personally, I would never base something just on an opinion. I might be persuaded by arguments though.

Also interesting why he/she only lists those two alternatives, as there are many, MANY other clients available: https://letsencrypt.org/docs/client-options/

Also, there's much more experience with certbot on this Community, so for other clients like dehydrated or acme.sh you might be on your own.

2 Likes

Yes Osiris i completely agree with you. and since the Centos community gave me an alternative install of Certbot to the latest version, that is the way i am going.

Snap looks interesting, although i was reluctant to install something that only maintains one product, especially since that yum/dnf install command worked great.

LetsEncrypt and Centos is certainly very well supported in this forum for sure. even my silly questions have been answered, with much patience & TLC i might add.

2 Likes

somehow we all seemed to miss my favorite time-tested strategy: do nothing and instead go outside and enjoy life. this AM (2020-10-24) i received an auto-email from Virtualmin:

An update to certbot from 1.7.0-1.el7 to 1.9.0-1.el7 is needed.
This update has been successfully installed.

An update to python2-acme from 1.7.0-1.el7 to 1.9.0-1.el7 is needed.
This update has been successfully installed.

An update to python2-certbot-apache from 1.7.0-1.el7 to 1.9.0-1.el7 is needed.
This update has been successfully installed.

:grin:

1 Like