前兩週將機器從 ubuntu 14.04 更新為 ubuntu 22.04,發現每月執行的指令

certbot-auto renew

會噴以下錯誤

You will not receive any bug fixes including those fixing server compatibility
or security problems.
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 2, in <module>
    from certbot._internal import main as internal_main
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/_internal/main.py", line 6, in <module>
    import logging.handlers
  File "/usr/lib/python2.7/logging/__init__.py", line 26, in <module>
    import sys, os, time, cStringIO, traceback, warnings, weakref, collections
  File "/usr/lib/python2.7/weakref.py", line 14, in <module>
    from _weakref import (
ImportError: cannot import name _remove_dead_weakref

排查後發現 certbot 1.9.0 以後只支援 Debian / RHEL 版本的 linux OS

certbot-auto was deprecated on all systems except for those based on Debian or RHEL.

https://community.letsencrypt.org/t/certbot-1-9-0-release/135414

於是嘗試重新安裝 certbot 新版,由於我使用系統配置為 ubuntu / nginx,其他配置可以參考

官方安裝文件

# 安裝 snapd 套件管理工具(理論上在 ubuntu 16.04 以上都有預裝了)
sudo apt update
sudo apt install snapd

# 更新 snapd 為最新版
sudo snap install core; sudo snap refresh core

# 移除舊版 certbot
sudo apt-get remove certbot

# 安裝最新版 certbot
sudo snap install --classic certbot

# 建立 symbolic link
sudo ln -s /snap/bin/certbot /usr/bin/certbot

# 更新 crontab 指令 => 將 certbot-auto 置換為 certbot
vim /etc/crontab

嘗試執行 certbot certificates 即可正常執行了 ~

參考資料:

1 Comment

Leave a Reply