Help us understand the problem. What is going on with this article?

Lets Encryptで証明書更新時にcryptographyのエラーが出た時の対処法

More than 1 year has passed since last update.

まれにLets Encryptで証明書更新時にエラーが発生します。
大体、pipのモジュールを最新化すると治っているイメージがありますが、、一応メモとして残しておきます。

環境

EC2 - Amazon Linux

試した方がいいことまとめ

  • certbot-autoを最新化
  • pipのモジュール最新化
  • /opt/eff.org/certbot/を削除

エラーの内容と対処方法

Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:

/opt/eff.org/certbot/が現在利用しているcertbot-autoのバージョンと異なるそうです。
certbot-auto実行時にこちらのディレクトリが再生成されるようなので削除して再実行します。

$ sudo rm -r /opt/eff.org/certbot/
$ ./certbot-auto --debug -v

ImportError: No module named cryptography.hazmat.bindings.openssl.binding

cryptographyが見つからないそうです。

./certbot-auto --debug -v
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt: 
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 10, in <module>
    import josepy as jose
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/__init__.py", line 41, in <module>
    from josepy.interfaces import JSONDeSerializable
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py", line 8, in <module>
    from josepy import errors, util
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py", line 4, in <module>
    import OpenSSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import rand, crypto, SSL
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 12, in <module>
    from OpenSSL._util import (
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module>
    from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding

pip、virtualenv、cryptographyのバージョンを最新化すると効果がありました。

$ sudo pip install -U pip virtualenv cryptography

このコマンドで諸々更新されたあとはシェルを起動しなさないと、pipが実行できないのでご注意ください。
また、/opt/eff.org/certbot/も作りなおさないとエラーが消えませんでした。

$ bash
$ sudo rm -r /opt/eff.org/certbot/

参考

https://github.com/certbot/certbot/issues/2823
https://github.com/certbot/certbot/issues/2544
https://github.com/scrapy/scrapy/issues/1314

srai0628
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした