September 8, 2022, 7:25am
In the official blog of Let's Encrypt,
Get Certbot — Certbot 1.30.0 documentation , it says it needs Python version 3.7+
I am running a Centos 8 system. I have python version 3.6.8. Still I was able to install Let'sEncrypt. Will there be issue in the future? I will have to update Python?
September 8, 2022, 7:33am
HOW you've installed Certbot, you're either not running the most up to date version OR have used "snap" to install the most recent version, which comes with its own build-in Python.
sudo certbot --version should present the version installed.
September 8, 2022, 8:12am
Thanks for your reply. After running the command, I am getting this.
Is this the latest version? I don't know about snap. I installed certbot using the tutorial from
How To Secure Nginx with Let's Encrypt on CentOS 8 | DigitalOcean
September 8, 2022, 8:13am
The latest version is 1.30.0, so 1.22.0 is
not up to date.
https://certbot.eff.org/ you can find the recommended method of installing Certbot.
September 8, 2022, 8:16am
Running latest version is absolute necessary? For how much time, version, 1.22.0 will work? It is working fine at the moment.
September 8, 2022, 8:18am
September 8, 2022, 8:22am
In the url you mentioned, Certbot Instructions | Certbot it is showing 2 methods. 'Default' & 'WildCard'. What is the difference?
Wildcard means wildcard subdomains?
September 8, 2022, 9:15am
Correct. The default tab is just for regular certificates without a wildcard hostname. As the wildcard certificates can only be issued using the
dns-01 challenge for the wildcard hostnames, it often requires additional (DNS) plugins, which is mentioned on the Wildcard tab.
September 8, 2022, 9:55am
Thanks for your reply.
I was unable to install certbot with 'snap'. Is there another way to install latest version of Certbot without using snap?
September 8, 2022, 12:55pm
Not sure about "latest". Using
pip (in a virtual environment!) is a "second best", but relies on the locally installed Python. So if your Python is too old, I don't think you'd get the latest version.
Depending on your requirements you can either choose to have an older version or use snap.
Note that sometimes people are running 0.40.0 or even older here on the Community. While we advise to upgrade, this is often not possible (or won't put in the effort) and usually it works nonetheless.
There are also other ACME clients other than certbot that don't rely on Python at all.
Last updated: Jun 29, 2022 | See all Documentation Let’s Encrypt uses the ACME protocol to verify that you control a given domain name and to issue you a certificate. To get a Let’s Encrypt certificate, you’ll need to choose a piece...
September 8, 2022, 1:43pm
I was able to install Python version 3.9.13
I am using a VPS server (Centos 8 Stream)
Can you point me to a tutorial on how to install using pip?
September 8, 2022, 1:50pm
The certbot instruction generator you've used earlier has a "Pip" option as system.
September 8, 2022, 1:54pm
Thanks Osiris. I have one more query.
I have a domain (say
example.com). Also a subdomain, ( app.example.com).
I need 4 certificates, for
Do I need to enable wildcard certificates? (I know it takes more steps) or I can individually get 4 certificates.
Will the certificate for
app.example.com works with www.app.example.com too? or I need separate certificates?
September 8, 2022, 2:00pm
You can get a
single certificate with up to 100 different hostnames. A subdomain counts just as a hostname, so you could include all 4 hostnames and have room for 96 more. No wildcard cert required.
A certificate for just
app.example.com will NOT work for
www.app.example.com (although some browsers, Chrome I believe, does actually accept a cert without the
www subdomain for hosts with the
September 8, 2022, 2:21pm
I have one more question. In the crontab file, I have to use like this?
0 0 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew --quiet
(with python command) or I can simply use like this?
0 4 * * * certbot renew --quiet
In the tutorials, it is mentioned like using python? It has to be done? What is the reason?
September 8, 2022, 2:36pm
You want to include some kind of random delay instead of always starting at the exact same time.
September 8, 2022, 2:37pm
Thanks rg305. Why would I need this? Can I start at exact time? Any problem with that? Or Can I use both commands?
September 8, 2022, 2:39pm
Right now, I am using both commands. Any problem with that?