WARNING: The following packages cannot be authenticated

My domain is: [redacted]

I ran this command: /usr/local/bin/certbot-auto --apache

It produced this output:
WARNING: The following packages cannot be authenticated!
augeas-lenses libgmp3c2 libmpfr4 cpp-4.4 cpp libgomp1 gcc-4.4 gcc libaugeas0
libc-dev-bin linux-libc-dev libc6-dev libffi5 libffi-dev libpython2.6
zlib1g-dev libssl-dev python2.6-dev python-dev python-pkg-resources
python-setuptools python-virtualenv
Install these packages without verification [y/N]? N
E: Some packages could not be authenticated

My web server is (include version): apache

The operating system my web server runs on is (include version): Debian 6 (Squeeze) 64-bit

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): i do not have certbot yet, the error occurs when i try to run above command

I have read around a bit in the forums and I reckon our packages are outdated because our Debian is so outdated. However, since it is a live server, I do not want to risk uninstalling and reinstalling them for fear something goes wrong and i break the site. Also, so far i have not dared answering “yes” to the warning message because i am unsure what i risk when installing packages without verification.

At the moment it is not an option to update our server’s OS. Is there a way to still get certbot to issue a certificate (other than doing it manually every 90 days)? Or am i out of luck?

Thanks!

1 Like

Change your repository location?

Indeed, your operating system is several years out of support now:

https://www.debian.org/releases/squeeze/

Try adding --no-self-upgrade to your certbot-auto command line.

1 Like

such a great idea! unfortunately, the 22 problem packages are not packages to be updated but new packages to be installed.

@bmw, why would this matter with --no-self-upgrade? Shouldn’t that skip the apt step entirely?

Or do we also need --no-bootstrap?

1 Like

Ah! Progress. Or rather a new error. Thanks for your ongoing input.

“You have an ancient version of Python entombed in your operating system…
This isn’t going to work; you’ll need at least version 2.7.”

on a different note: is it possible to edit my original post?

Did you want to remove the domain name?

yes. it occurred to me that this is getting quite specific :grimacing:

OK, I’ve removed the domain name.

1 Like

You might want to switch to acme.sh. It does have different conventions for where it saves your certificates, so you’d need to edit configuration files a little bit, but it should be able to run on older, unsupported systems.

thank you!

i will find out if they will let me update python or think it too risky on the live server.