New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ImportError: No module named cryptography.hazmat.bindings.openssl.binding #2544

Open
gabeguz opened this Issue Feb 24, 2016 · 36 comments

Comments

Projects
None yet
@gabeguz

gabeguz commented Feb 24, 2016

While attempting to run on Amazon Linux: Linux ip #1 SMP Sat Oct 24 01:31:37 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Git commit hash: 6950dbd0708d3ba16b717ad1097332fc37e33f15

I get the following error:

[ec2-user@ip letsencrypt]$ ./letsencrypt-auto
Checking for new version...
Creating virtual environment...
Installing Python packages...
Requesting root privileges to run letsencrypt...
   sudo /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt --no-self-upgrade
Traceback (most recent call last):
  File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
    from letsencrypt.cli import main
  File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 21, in <modul
e>
    import OpenSSL
  File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <modul
e>
    from OpenSSL import rand, crypto, SSL
  File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 11, in <module>
    from OpenSSL._util import (
  File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module>
    from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding

This was working as of Feb 8th... however when trying to checkout an old version to find where things broke, letsencrypt-auto keeps re-upgrading itself to the latest version!

@emailatravi

This comment has been minimized.

Show comment
Hide comment
@emailatravi

emailatravi Mar 2, 2016

Any update.. I am also facing the same issue..
Below are the logs (environment - amazon linux)
Command issued : ./letsencrypt-auto --help

Checking for new version... Creating virtual environment... Installing Python packages... Installation succeeded. Requesting root privileges to run letsencrypt... sudo /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt --help Traceback (most recent call last): File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module> from letsencrypt.cli import main File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 21, in <module> import OpenSSL File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module> from OpenSSL import rand, crypto, SSL File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 11, in <module> from OpenSSL._util import ( File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module> from cryptography.hazmat.bindings.openssl.binding import Binding ImportError: No module named cryptography.hazmat.bindings.openssl.binding

emailatravi commented Mar 2, 2016

Any update.. I am also facing the same issue..
Below are the logs (environment - amazon linux)
Command issued : ./letsencrypt-auto --help

Checking for new version... Creating virtual environment... Installing Python packages... Installation succeeded. Requesting root privileges to run letsencrypt... sudo /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt --help Traceback (most recent call last): File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module> from letsencrypt.cli import main File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 21, in <module> import OpenSSL File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module> from OpenSSL import rand, crypto, SSL File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 11, in <module> from OpenSSL._util import ( File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module> from cryptography.hazmat.bindings.openssl.binding import Binding ImportError: No module named cryptography.hazmat.bindings.openssl.binding

@emailatravi

This comment has been minimized.

Show comment
Hide comment
@emailatravi

emailatravi Mar 3, 2016

try this
sudo ./letsencrypt-auto --help
Tried the above command at it worked.

emailatravi commented Mar 3, 2016

try this
sudo ./letsencrypt-auto --help
Tried the above command at it worked.

@OliverJAsh

This comment has been minimized.

Show comment
Hide comment
@OliverJAsh

OliverJAsh Mar 10, 2016

Same issue, also resolved by prefixing sudo. How come this is the fix?

OliverJAsh commented Mar 10, 2016

Same issue, also resolved by prefixing sudo. How come this is the fix?

@syamn

This comment has been minimized.

Show comment
Hide comment
@syamn

syamn Mar 18, 2016

Same issue occurred and fixed using sudo, thanks

syamn commented Mar 18, 2016

Same issue occurred and fixed using sudo, thanks

@utdrmac

This comment has been minimized.

Show comment
Hide comment
@utdrmac

utdrmac Jan 18, 2018

I'm experiencing this issue too after updating to the latest certbot on Amazon Linux (Linux ip-172-31-10-255 4.9.75-25.55.amzn1.x86_64 #1 SMP Fri Jan 5 23:50:27 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux)

It seems that the cryptography package is being installed under /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography/

but python is not finding it because it is not looking/operating out of the lib64 path. Notice all the paths below are /lib/ and not /lib64/

I've completely removed this env rm -rf /opt/eff.org and have re-installed cert-bot and still getting same error/issue.

[root@ip-172-31-10-255 venv]# /certbot/certbot-auto --debug renew
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 10, in <module>
    import josepy as jose
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/__init__.py", line 41, in <module>
    from josepy.interfaces import JSONDeSerializable
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py", line 8, in <module>
    from josepy import errors, util
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py", line 4, in <module>
    import OpenSSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import rand, crypto, SSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 12, in <module>
    from OpenSSL._util import (
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module>
    from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding
``

utdrmac commented Jan 18, 2018

I'm experiencing this issue too after updating to the latest certbot on Amazon Linux (Linux ip-172-31-10-255 4.9.75-25.55.amzn1.x86_64 #1 SMP Fri Jan 5 23:50:27 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux)

It seems that the cryptography package is being installed under /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography/

but python is not finding it because it is not looking/operating out of the lib64 path. Notice all the paths below are /lib/ and not /lib64/

I've completely removed this env rm -rf /opt/eff.org and have re-installed cert-bot and still getting same error/issue.

[root@ip-172-31-10-255 venv]# /certbot/certbot-auto --debug renew
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 10, in <module>
    import josepy as jose
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/__init__.py", line 41, in <module>
    from josepy.interfaces import JSONDeSerializable
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py", line 8, in <module>
    from josepy import errors, util
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py", line 4, in <module>
    import OpenSSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import rand, crypto, SSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 12, in <module>
    from OpenSSL._util import (
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module>
    from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding
``
@HinchK

This comment has been minimized.

Show comment
Hide comment
@HinchK

HinchK Jan 18, 2018

@utdrmac I ran into the same error a moment ago deploying a new certificate - your comment inspired the following hacky fix, gathered by peeling the onion and linking the dependencies back to the local/lib/python2.7 path:

ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography-2.0.2.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography-2.0.2.dist-info
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cffi /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cffi
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cffi-1.10.0.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cffi-1.10.0.dist-info
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/_cffi_backend.so /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/_cffi_backend.so
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/.libs_cffi_backend /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/.libs_cffi_backend
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/zope.interface-4.1.3-py2.7-nspkg.pth /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope.interface-4.1.3-py2.7-nspkg.pth
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/zope.interface-4.1.3-py2.7.egg-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope.interface-4.1.3-py2.7.egg-info
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/zope/interface /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/interface

HinchK commented Jan 18, 2018

@utdrmac I ran into the same error a moment ago deploying a new certificate - your comment inspired the following hacky fix, gathered by peeling the onion and linking the dependencies back to the local/lib/python2.7 path:

ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography-2.0.2.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography-2.0.2.dist-info
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cffi /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cffi
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cffi-1.10.0.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cffi-1.10.0.dist-info
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/_cffi_backend.so /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/_cffi_backend.so
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/.libs_cffi_backend /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/.libs_cffi_backend
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/zope.interface-4.1.3-py2.7-nspkg.pth /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope.interface-4.1.3-py2.7-nspkg.pth
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/zope.interface-4.1.3-py2.7.egg-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope.interface-4.1.3-py2.7.egg-info
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/zope/interface /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/zope/interface
@utdrmac

This comment has been minimized.

Show comment
Hide comment
@utdrmac

utdrmac Jan 18, 2018

@HinchK I thought about that too but yes, very hack-y indeed. Check out this solution instead: #1680 (comment) I verify it works on latest elastic beanstalk.

utdrmac commented Jan 18, 2018

@HinchK I thought about that too but yes, very hack-y indeed. Check out this solution instead: #1680 (comment) I verify it works on latest elastic beanstalk.

@kilpatds

This comment has been minimized.

Show comment
Hide comment
@kilpatds

kilpatds Feb 15, 2018

@HinchK Thanks. That (temporarily) fixed it for me. (AWS)

kilpatds commented Feb 15, 2018

@HinchK Thanks. That (temporarily) fixed it for me. (AWS)

@adtsys-suporte

This comment has been minimized.

Show comment
Hide comment
@adtsys-suporte

adtsys-suporte Feb 21, 2018

@HinchK, you solution was amazing. Thanks.

adtsys-suporte commented Feb 21, 2018

@HinchK, you solution was amazing. Thanks.

@digarok

This comment has been minimized.

Show comment
Hide comment
@digarok

digarok Feb 23, 2018

Chiming in that @HinchK's solution similarly fixed my AWS Linux server.

It broke when I went to update my cert today and certbot updated from 0.19.0 to 0.21.1.

digarok commented Feb 23, 2018

Chiming in that @HinchK's solution similarly fixed my AWS Linux server.

It broke when I went to update my cert today and certbot updated from 0.19.0 to 0.21.1.

@hanelyp

This comment has been minimized.

Show comment
Hide comment
@hanelyp

hanelyp Mar 8, 2018

Just ran into the problem myself, for the second time. Seems to be a problem when certbot runs upgrades without sufficient permissions. The update is failing silently, leaving the software in a bad state detected when certbot tries to actually run. Better error detection in the library installation / update routine might help prevent future confusion.

hanelyp commented Mar 8, 2018

Just ran into the problem myself, for the second time. Seems to be a problem when certbot runs upgrades without sufficient permissions. The update is failing silently, leaving the software in a bad state detected when certbot tries to actually run. Better error detection in the library installation / update routine might help prevent future confusion.

@annafelicity

This comment has been minimized.

Show comment
Hide comment
@annafelicity

annafelicity Mar 13, 2018

The solution that @utdrmac linked to above worked to fix this for me (but had to run it as root). Got the same error when certbot tried to upgrade to 0.22.0 just now (on AWS EC2).

annafelicity commented Mar 13, 2018

The solution that @utdrmac linked to above worked to fix this for me (but had to run it as root). Got the same error when certbot tried to upgrade to 0.22.0 just now (on AWS EC2).

@HinchK

This comment has been minimized.

Show comment
Hide comment
@HinchK

HinchK Mar 16, 2018

Just ran into this issue again in a different AWS region; and can confirm @utdrmac's installation via pip worked for me! #1680 (comment)

Rolling out the pip certbot across my instances; as my previous symlink workaround was a pretty gross hack that worked but might not work down the road.

HinchK commented Mar 16, 2018

Just ran into this issue again in a different AWS region; and can confirm @utdrmac's installation via pip worked for me! #1680 (comment)

Rolling out the pip certbot across my instances; as my previous symlink workaround was a pretty gross hack that worked but might not work down the road.

@gmegidish

This comment has been minimized.

Show comment
Hide comment
@gmegidish

gmegidish Apr 13, 2018

I ran into the same problem. Here's what solved it for me:

/opt/eff.org/certbot/venv/local/bin/pip install cryptography interface

gmegidish commented Apr 13, 2018

I ran into the same problem. Here's what solved it for me:

/opt/eff.org/certbot/venv/local/bin/pip install cryptography interface

@awls99

This comment has been minimized.

Show comment
Hide comment
@awls99

awls99 Apr 30, 2018

after trying everything else, @HinchK 's hack was the only thing that worked for me

awls99 commented Apr 30, 2018

after trying everything else, @HinchK 's hack was the only thing that worked for me

@dorhivert

This comment has been minimized.

Show comment
Hide comment
@dorhivert

dorhivert May 15, 2018

I can also confirm awls99 - encountered the same issue last few days, tried everything, all solutions had 0 affect on the issue.
@HinchK way has fixed the issue.

dorhivert commented May 15, 2018

I can also confirm awls99 - encountered the same issue last few days, tried everything, all solutions had 0 affect on the issue.
@HinchK way has fixed the issue.

@gennaroanesi

This comment has been minimized.

Show comment
Hide comment
@gennaroanesi

gennaroanesi May 23, 2018

@gmegidish solution worked great for me. i'm running it on an amazon linux ec2 instance.

gennaroanesi commented May 23, 2018

@gmegidish solution worked great for me. i'm running it on an amazon linux ec2 instance.

@ulver2812

This comment has been minimized.

Show comment
Hide comment
@ulver2812

ulver2812 Jun 25, 2018

@HinchK one shot one kill! :-)

ulver2812 commented Jun 25, 2018

@HinchK one shot one kill! :-)

@cacharrin

This comment has been minimized.

Show comment
Hide comment
@cacharrin

cacharrin Jun 28, 2018

@gmegidish is the man!!!
Thank you!!

cacharrin commented Jun 28, 2018

@gmegidish is the man!!!
Thank you!!

@Shubhankitmishra

This comment has been minimized.

Show comment
Hide comment
@Shubhankitmishra

Shubhankitmishra Jun 29, 2018

/opt/eff.org/certbot/venv/local/bin/pip install cryptography interface

worked for me!

Shubhankitmishra commented Jun 29, 2018

/opt/eff.org/certbot/venv/local/bin/pip install cryptography interface

worked for me!

@bmw

This comment has been minimized.

Show comment
Hide comment
@bmw

bmw Jun 29, 2018

Contributor

@alex, any idea what could be going on here?

We're currently using cryptography 2.0.2, pyOpenSSL 16.2.0, and the other pinnings in https://github.com/certbot/certbot/blob/master/letsencrypt-auto-source/pieces/dependency-requirements.txt.

Contributor

bmw commented Jun 29, 2018

@alex, any idea what could be going on here?

We're currently using cryptography 2.0.2, pyOpenSSL 16.2.0, and the other pinnings in https://github.com/certbot/certbot/blob/master/letsencrypt-auto-source/pieces/dependency-requirements.txt.

@alex

This comment has been minimized.

Show comment
Hide comment
@alex

alex Jun 29, 2018

Collaborator

If this is about Amazon Linux, I guess it's pypa/pip#4464

cc: @reaperhulk

Collaborator

alex commented Jun 29, 2018

If this is about Amazon Linux, I guess it's pypa/pip#4464

cc: @reaperhulk

@eregnier

This comment has been minimized.

Show comment
Hide comment
@eregnier

eregnier Jul 13, 2018

hey there,

I found a solution that worked for me by CTRL-F the web with my eyes.

On this link @utdrmac installs certbot in with pip directly.
#1680 (comment)
I worked for me at least.

And oh, think about installing certbot plugins using pip also to manage automatic configuration of let say nginx (by @bmw ):
#1736 (comment)

Good luck !

edit: I am also installing certificates on Amazon linux.

eregnier commented Jul 13, 2018

hey there,

I found a solution that worked for me by CTRL-F the web with my eyes.

On this link @utdrmac installs certbot in with pip directly.
#1680 (comment)
I worked for me at least.

And oh, think about installing certbot plugins using pip also to manage automatic configuration of let say nginx (by @bmw ):
#1736 (comment)

Good luck !

edit: I am also installing certificates on Amazon linux.

@awls99

This comment has been minimized.

Show comment
Hide comment
@awls99

awls99 Jul 16, 2018

Hit this problem again, followed the simple steps on @eregnier 's post's links, worked first try, now my crontab looks like:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/bin/certbot renew --no-bootstrap --nginx 1> /var/log/cerbot.log 2>&1

awls99 commented Jul 16, 2018

Hit this problem again, followed the simple steps on @eregnier 's post's links, worked first try, now my crontab looks like:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/bin/certbot renew --no-bootstrap --nginx 1> /var/log/cerbot.log 2>&1

@tancredolt

This comment has been minimized.

Show comment
Hide comment
@tancredolt

tancredolt Jul 18, 2018

I've the same problem today, the solution of @HinchK works fine, I just have to replace the

ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography-2.0.2.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography-2.0.2.dist-info

by
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography-2.2.2.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography-2.2.2.dist-info

and worked as a charm.

tancredolt commented Jul 18, 2018

I've the same problem today, the solution of @HinchK works fine, I just have to replace the

ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography-2.0.2.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography-2.0.2.dist-info

by
ln -s /opt/eff.org/certbot/venv/local/lib64/python2.7/dist-packages/cryptography-2.2.2.dist-info /opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/cryptography-2.2.2.dist-info

and worked as a charm.

@smartITNinja

This comment has been minimized.

Show comment
Hide comment
@smartITNinja

smartITNinja Jul 18, 2018

I faced this issue today.
My workaround for certbot 0.26.1 on Amazon Linux AMI 4.4.30-32.54.amzn1.x86_64 was:

cd /opt/eff.org/certbot/venv/lib64/python2.7
rmdir site-packages (in my case, this directory was empty)
ln -s dist-packages site-packages

And that's all, it worked for me.

smartITNinja commented Jul 18, 2018

I faced this issue today.
My workaround for certbot 0.26.1 on Amazon Linux AMI 4.4.30-32.54.amzn1.x86_64 was:

cd /opt/eff.org/certbot/venv/lib64/python2.7
rmdir site-packages (in my case, this directory was empty)
ln -s dist-packages site-packages

And that's all, it worked for me.

@lpkirby

This comment has been minimized.

Show comment
Hide comment
@lpkirby

lpkirby Jul 18, 2018

Confirm @smartITNinja solution worked for me as well.

lpkirby commented Jul 18, 2018

Confirm @smartITNinja solution worked for me as well.

@bmw

This comment has been minimized.

Show comment
Hide comment
@bmw

bmw Jul 18, 2018

Contributor

Are those having issues on Amazon Linux 1 or 2? If it's Amazon Linux 2, you can and should use the EPEL7 packages over certbot-auto. How to install these packages is described at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html#letsencrypt.

Contributor

bmw commented Jul 18, 2018

Are those having issues on Amazon Linux 1 or 2? If it's Amazon Linux 2, you can and should use the EPEL7 packages over certbot-auto. How to install these packages is described at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html#letsencrypt.

@saiday

This comment has been minimized.

Show comment
Hide comment
@saiday

saiday Jul 19, 2018

@smartITNinja @lpkirby
When I trying to ln dist-packages site-packages, I got hard link not allowed for directory .

You really hard linked dist-packages to site-packages?

saiday commented Jul 19, 2018

@smartITNinja @lpkirby
When I trying to ln dist-packages site-packages, I got hard link not allowed for directory .

You really hard linked dist-packages to site-packages?

@lpkirby

This comment has been minimized.

Show comment
Hide comment
@lpkirby

lpkirby Jul 19, 2018

@saiday - fwiw - No, I did a sym link.

@bmw - That's interesting. Some places in AWS docs say you shouldn't install EPEL in Amazon Linux 2, and some show you how to do it.

lpkirby commented Jul 19, 2018

@saiday - fwiw - No, I did a sym link.

@bmw - That's interesting. Some places in AWS docs say you shouldn't install EPEL in Amazon Linux 2, and some show you how to do it.

@smartITNinja

This comment has been minimized.

Show comment
Hide comment
@smartITNinja

smartITNinja Jul 19, 2018

@bmw Amazon Linux 1

@saiday sorry, it's a "soft link" instead of a hard link. The comment is fixed now, including the correct steps. Thanks!

 pwd
/opt/eff.org/certbot/venv/lib64/python2.7

drwxr-xr-x 9 root root  4096 Jul 18 14:14 dist-packages
lrwxrwxrwx 1 root root    13 Jul 18 14:26 site-packages -> dist-packages

smartITNinja commented Jul 19, 2018

@bmw Amazon Linux 1

@saiday sorry, it's a "soft link" instead of a hard link. The comment is fixed now, including the correct steps. Thanks!

 pwd
/opt/eff.org/certbot/venv/lib64/python2.7

drwxr-xr-x 9 root root  4096 Jul 18 14:14 dist-packages
lrwxrwxrwx 1 root root    13 Jul 18 14:26 site-packages -> dist-packages
@bmw

This comment has been minimized.

Show comment
Hide comment
@bmw

bmw Jul 19, 2018

Contributor

That's interesting. Some places in AWS docs say you shouldn't install EPEL in Amazon Linux 2, and some show you how to do it.

Huh. I unfortunately don't know enough about Amazon Linux 2 to provide a recommendation one way or another then. All I can say is:

  1. Up to date OS packages should be preferred over certbot-auto.
  2. At least for getting Certbot working, EPEL7 packages have worked for people on Amazon Linux 2 including us during testing.
Contributor

bmw commented Jul 19, 2018

That's interesting. Some places in AWS docs say you shouldn't install EPEL in Amazon Linux 2, and some show you how to do it.

Huh. I unfortunately don't know enough about Amazon Linux 2 to provide a recommendation one way or another then. All I can say is:

  1. Up to date OS packages should be preferred over certbot-auto.
  2. At least for getting Certbot working, EPEL7 packages have worked for people on Amazon Linux 2 including us during testing.
@tydic-kanper

This comment has been minimized.

Show comment
Hide comment
@tydic-kanper

tydic-kanper Aug 2, 2018

@smartITNinja thx,this solved my problem in my amazon EC2

tydic-kanper commented Aug 2, 2018

@smartITNinja thx,this solved my problem in my amazon EC2

@iceagency-lukehopkins

This comment has been minimized.

Show comment
Hide comment
@iceagency-lukehopkins

iceagency-lukehopkins Aug 9, 2018

@smartITNinja that worked for me on an Amazon Linux 1 EC2 today.

Cheers 👍

iceagency-lukehopkins commented Aug 9, 2018

@smartITNinja that worked for me on an Amazon Linux 1 EC2 today.

Cheers 👍

@rlaferla

This comment has been minimized.

Show comment
Hide comment
@rlaferla

rlaferla Sep 25, 2018

The only thing that worked was @smartITNinja's hack. I run into this problem all the time. The certbot script needs to be updated to "catch" this and either work around it or provide a useful error message. AWS EC2 is a major distribution and Let's Encrypt should work out of the box with it. PERIOD.

rlaferla commented Sep 25, 2018

The only thing that worked was @smartITNinja's hack. I run into this problem all the time. The certbot script needs to be updated to "catch" this and either work around it or provide a useful error message. AWS EC2 is a major distribution and Let's Encrypt should work out of the box with it. PERIOD.

@meylor

This comment has been minimized.

Show comment
Hide comment
@meylor

meylor Sep 25, 2018

Was running into the same issue on an Amazon Linux AMI.

Ended up just using the certbot docker container. Took all of about 90 seconds.

Assuming you have docker installed and running:

docker pull certbot/certbot

docker run -it --rm --name certbot \
-v "/etc/letsencrypt:/etc/letsencrypt" \
-v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
certbot/certbot \
certonly --manual --preferred-challenges dns-01 --agree-tos -d "example.com" -d "*.example.com" --server https://acme-v02.api.letsencrypt.org/directory

meylor commented Sep 25, 2018

Was running into the same issue on an Amazon Linux AMI.

Ended up just using the certbot docker container. Took all of about 90 seconds.

Assuming you have docker installed and running:

docker pull certbot/certbot

docker run -it --rm --name certbot \
-v "/etc/letsencrypt:/etc/letsencrypt" \
-v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
certbot/certbot \
certonly --manual --preferred-challenges dns-01 --agree-tos -d "example.com" -d "*.example.com" --server https://acme-v02.api.letsencrypt.org/directory
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment