CentOS7でLet’s Encryptを更新できない
CentOS7でいつものようにDNSによる認証で更新しようとしたら、エラーがでた。
# certbot certonly --preferred-challenges dns-01 --authenticator manual --domain xxxx.jp Traceback (most recent call last): File "/bin/certbot", line 9, in <module> load_entry_point('certbot==0.27.1', 'console_scripts', 'certbot')() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 378, in load_entry_point return get_distribution(dist).load_entry_point(group, name) File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2566, in load_entry_point return ep.load() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2260, in load entry = __import__(self.module_name, globals(),globals(), ['__name__']) File "/usr/lib/python2.7/site-packages/certbot/main.py", line 21, in <module> from certbot import client File "/usr/lib/python2.7/site-packages/certbot/client.py", line 16, in <module> from acme import client as acme_client File "/usr/lib/python2.7/site-packages/acme/client.py", line 36, in <module> requests.packages.urllib3.contrib.pyopenssl.inject_into_urllib3() # type: ignore File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 118, in inject_into_urllib3 _validate_dependencies_met() File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 153, in _validate_dependencies_met raise ImportError("'pyOpenSSL' module missing required functionality. " ImportError: 'pyOpenSSL' module missing required functionality. Try upgrading to v0.14 or newer.
pyOpenSSLのバージョンを0.14以上にしろとあるが、
とりあえずcertbotが古そうなのでアップデートして、試してみると別のエラーが。
# yum update certbot # certbot certonly --preferred-challenges dns-01 --authenticator manual --domain xxxx.jp Traceback (most recent call last): File "/bin/certbot", line 5, in <module> from pkg_resources import load_entry_point File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 3011, in <module> parse_requirements(__requires__), Environment() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 626, in resolve raise DistributionNotFound(req) pkg_resources.DistributionNotFound: acme>=0.29.0
acmeが古い?
pythonとacmeをアップデートしてみたが、今度は「requests 2.6.0」のエラー。
# yum update python # pip install -U acme # certbot certonly --preferred-challenges dns-01 --authenticator manual --domain xxxx.jp Traceback (most recent call last): File "/bin/certbot", line 5, in <module> from pkg_resources import load_entry_point File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 3007, in <module> working_set.require(__requires__) File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 728, in require needed = self.resolve(parse_requirements(requirements)) File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 631, in resolve requirements.extend(dist.requires(req.extras)[::-1]) File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2497, in requires "%s has no such extra feature %r" % (self, ext) pkg_resources.UnknownExtra: requests 2.6.0 has no such extra feature 'security'
requests[security]をインストールしてみようとしたが、ダメだった。
# pip install requests[security] Requirement already satisfied: requests[security] in /usr/lib/python2.7/site-packages (2.6.0) requests 2.6.0 does not provide the extra 'security'
解決に時間がかかりそうなので、あきらめてcertbot-autoをインストールして対応した。
# wget https://dl.eff.org/certbot-auto # chmod a+x certbot-auto #./certbot-auto --debug certonly --preferred-challenges dns-01 --authenticator manual --domain xxxx.jp