VPS 站用的 Certbot 是用 apk 裝的,一開始還能用,也順利地申請了憑證
後來不知發生什麼問題,在更新時都會出現以下內容

Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in
sys.exit(load_entry_point('certbot==1.10.1', 'console_scripts', 'certbot')())
File "/usr/bin/certbot", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 975, in _find_and_load_unlocked
File "", line 671, in _load_unlocked
File "", line 783, in exec_module
File "", line 219, in _call_with_frames_removed
File "/usr/lib/python3.8/site-packages/certbot/main.py", line 2, in
from certbot._internal import main as internal_main
File "/usr/lib/python3.8/site-packages/certbot/_internal/main.py", line 16, in
from certbot import crypto_util
File "/usr/lib/python3.8/site-packages/certbot/crypto_util.py", line 32, in
from certbot import util
File "/usr/lib/python3.8/site-packages/certbot/util.py", line 24, in
from certbot._internal import constants
File "/usr/lib/python3.8/site-packages/certbot/_internal/constants.py", line 4, in
import pkg_resources
File "/usr/lib/python3.8/site-packages/pkg_resources/init.py", line 3239, in
def _initialize_master_working_set():
File "/usr/lib/python3.8/site-packages/pkg_resources/init.py", line 3222, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3.8/site-packages/pkg_resources/init.py", line 3251, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3.8/site-packages/pkg_resources/init.py", line 569, in _build_master
return cls._build_from_requirements(requires)
File "/usr/lib/python3.8/site-packages/pkg_resources/init.py", line 582, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/lib/python3.8/site-packages/pkg_resources/init.py", line 775, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 (/usr/lib/python3.8/site-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'})

看不太懂,所以 Google 一下找到可以用 pip 安裝新版本,就這樣裝下去

/usr/bin/python3 -m pip install --upgrade pip
pip install certbot
/usr/bin/certbot renew

順利更新

2023/1/16 再次碰到

Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==1.27.0', 'console_scripts', 'certbot')())
  File "/usr/bin/certbot", line 25, in importlib_load_entry_point
    return next(matches).load()
  File "/usr/lib/python3.10/importlib/metadata/__init__.py", line 171, in load
    module = import_module(match.group('module'))
  File "/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
  File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 883, in exec_module
  File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
  File "/usr/lib/python3.10/site-packages/certbot/main.py", line 6, in <module>
    from certbot._internal import main as internal_main
  File "/usr/lib/python3.10/site-packages/certbot/_internal/main.py", line 23, in <module>
    from acme import client as acme_client
  File "/usr/lib/python3.10/site-packages/acme/client.py", line 37, in <module>
    from acme import challenges
  File "/usr/lib/python3.10/site-packages/acme/challenges.py", line 26, in <module>
    from acme import fields
  File "/usr/lib/python3.10/site-packages/acme/fields.py", line 8, in <module>
    import pyrfc3339
  File "/usr/lib/python3.10/site-packages/pyrfc3339/__init__.py", line 17, in <module>
    from pyrfc3339.generator import generate
  File "/usr/lib/python3.10/site-packages/pyrfc3339/generator.py", line 1, in <module>
    import pytz
ModuleNotFoundError: No module named 'pytz'
mingyangortho_quanoms:/home/william.liu# certbot
Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==1.27.0', 'console_scripts', 'certbot')())
  File "/usr/bin/certbot", line 25, in importlib_load_entry_point
    return next(matches).load()
  File "/usr/lib/python3.10/importlib/metadata/__init__.py", line 171, in load
    module = import_module(match.group('module'))
  File "/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
  File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 883, in exec_module
  File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
  File "/usr/lib/python3.10/site-packages/certbot/main.py", line 6, in <module>
    from certbot._internal import main as internal_main
  File "/usr/lib/python3.10/site-packages/certbot/_internal/main.py", line 23, in <module>
    from acme import client as acme_client
  File "/usr/lib/python3.10/site-packages/acme/client.py", line 37, in <module>
    from acme import challenges
  File "/usr/lib/python3.10/site-packages/acme/challenges.py", line 26, in <module>
    from acme import fields
  File "/usr/lib/python3.10/site-packages/acme/fields.py", line 8, in <module>
    import pyrfc3339
  File "/usr/lib/python3.10/site-packages/pyrfc3339/__init__.py", line 17, in <module>
    from pyrfc3339.generator import generate
  File "/usr/lib/python3.10/site-packages/pyrfc3339/generator.py", line 1, in <module>
    import pytz
ModuleNotFoundError: No module named 'pytz'

好在結尾有關鍵字

 pip install pytz

裝完順利更新

3/16 再次 renew 失敗,錯誤訊息跟 plugin 有關,及當初申請方式是用 manual 造成,詳細訊息內容斷線沒保存下

之前都是重新手動重新申請才過,所幸換個驗證方式,改用 certbot-dns-cloudflare

# 先安裝 certbot-dns-cloudflare
pip install certbot-dns-cloudflare

# 設定 cloudflare 
vim ~/.secrets/certbot/cloudflare.ini

dns_cloudflare_email = [email protected]
dns_cloudflare_api_key = kdfsjfkjsd;flkja;sldkfj;askdjfl;sadfj;l

# 申請新的證書
certbot certonly --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d cwlove.idv.tw

# 查看新的 conf 內容
cat /etc/letsencrypt/renewal/cwlove.idv.tw.conf

version = 2.9.0
archive_dir = /etc/letsencrypt/archive/cwlove.idv.tw
cert = /etc/letsencrypt/live/cwlove.idv.tw/cert.pem
privkey = /etc/letsencrypt/live/cwlove.idv.tw/privkey.pem
chain = /etc/letsencrypt/live/cwlove.idv.tw/chain.pem
fullchain = /etc/letsencrypt/live/cwlove.idv.tw/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = 812739172894798q3749
authenticator = dns-cloudflare
dns_cloudflare_credentials = /root/.secrets/certbot/cloudflare.ini
server = https://acme-v02.api.letsencrypt.org/directory
key_type = ecdsa

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *