LetsEncrypt Certbot Error

Hey,
wanted to make a small change to letsencrypt an ran into an error.

Creating a bug report/issue:

I have searched the existing open and closed issues
yes, but since i dont know what to look for its possible i overlook threat with the same problem.

Required Information

  • DietPi version |
    G_DIETPI_VERSION_CORE=8
    G_DIETPI_VERSION_SUB=25
    G_DIETPI_VERSION_RC=1
    G_GITBRANCH=‘master’
    G_GITOWNER=‘MichaIng’

  • Distro version |
    bullseye 0

  • Kernel version | uname -a
    Linux DietPi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux

  • Architecture |
    arm64

  • SBC model |
    RPi 4 Model B (aarch64)

  • Power supply used |
    not sure but came with the pi.

  • SD card used | (EG: SanDisk ultra)
    no SD Card. SSD

Additional Information (if applicable)

  • Bug report ID |
  • Reference code: e558f862-3c7e-4747-8e29-e99a642a97d4

Steps to reproduce

letsEncrypt was running for month without problems.
was using ‘dietpi-launcher’ to enter the LetsEncrypt setup
Changed Redirect from off to on and hit Apply.

Expected behaviour

renew Cert

Actual behaviour

[  OK  ] DietPi-LetsEncrypt | Nginx webserver detected
[  OK  ] DietPi-LetsEncrypt | Desired setting in /etc/nginx/sites-available/default was already set:    server_name lanfred.mywire.org;
[  OK  ] DietPi-LetsEncrypt | systemctl restart nginx
Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==1.12.0', 'console_scripts', 'certbot')())
  File "/usr/bin/certbot", line 25, in importlib_load_entry_point
    return next(matches).load()
  File "/usr/lib/python3.9/importlib/metadata.py", line 77, in load
    module = import_module(match.group('module'))
  File "/usr/lib/python3.9/importlib/__init__.py", line 127, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1030, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1007, in _find_and_load
  File "<frozen importlib._bootstrap>", line 986, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 680, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 790, in exec_module
  File "<frozen importlib._bootstrap>", line 228, in _call_with_frames_removed
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 2, in <module>
    from certbot._internal import main as internal_main
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 10, in <module>
    import josepy as jose
  File "/usr/lib/python3/dist-packages/josepy/__init__.py", line 41, in <module>
    from josepy.interfaces import JSONDeSerializable
  File "/usr/lib/python3/dist-packages/josepy/interfaces.py", line 7, in <module>
    from josepy import errors, util
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 7, in <module>
    import OpenSSL
  File "/usr/lib/python3/dist-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import crypto, SSL
  File "/usr/lib/python3/dist-packages/OpenSSL/crypto.py", line 1556, in <module>
    class X509StoreFlags(object):
  File "/usr/lib/python3/dist-packages/OpenSSL/crypto.py", line 1577, in X509StoreFlags
    CB_ISSUER_CHECK = _lib.X509_V_FLAG_CB_ISSUER_CHECK
AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
[FAILED] DietPi-LetsEncrypt | Certbot failed, please check its above terminal output. Aborting...

Extra details

Can enter my Nextcloud with my iPhone via DynuDNS-Address with wlan or LTE but not on my iPad with WLAN (no LTE Modul). but not working on annother PC from outside my Network.

may have found the reason why the Dynu-address didnt work.
router needed a reset and got a new IP4.
IPhone must have used ip6.
Why it didnt got updated with the cronjob i have to figure out too. Great.

1 Like

why is this marked as solved?
Still get the certbot error.

because of

Maybe you can try to uninstall Certbot and install it again afterwards

removed certbot, autoremove, reboot, installed certbot.
Still the same error massage.

CAn you confirm that you have the Python package josepy?
pip install josepy

 pip install josepy
Requirement already satisfied: josepy in /usr/lib/python3/dist-packages (1.2.0)
WARNING: Running pip as the 'root' user can result in broken permissions and con              flicting behaviour with the system package manager. It is recommended to use a v              irtual environment instead: https://pip.pypa.io/warnings/venv

[notice] A new release of pip is available: 23.3.1 -> 23.3.2
[notice] To update, run: python3 -m pip install --upgrade pip

looks like it

so nginx now fails too because of the Certbot fail. And with it pihole, nxcloud

#### Details:
- Date           | Sat Jan 20 22:48:44 CET 2024
- DietPi version | v8.25.1 (MichaIng/master)
- Image creator  |
- Pre-image      |
- Hardware       | RPi 4 Model B (aarch64) (ID=4)
- Kernel version | `Linux DietPi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr  3 17:24:16 BST 2023 aarch64 GNU/Linux`
- Distro         | bullseye (ID=6,RASPBIAN=0)
- Command        | `systemctl restart nginx`
- Exit code      | 1
- Software title | DietPi-LetsEncrypt
#### Steps to reproduce:
<!-- Explain how to reproduce the issue -->
1. ...
2. ...
#### Expected behaviour:
<!-- What SHOULD happen? -->
- ...
#### Actual behaviour:
<!-- What IS happening? -->
- ...
#### Extra details:
<!-- Please post any extra details that might help solve the issue -->
- ...
#### Additional logs:

Job for nginx.service failed because the control process exited with error code.
See “systemctl status nginx.service” and “journalctl -xe” for details.


systemctl status nginx.service
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/nginx.service.d
└─dietpi.conf
Active: failed (Result: exit-code) since Sat 2024-01-20 22:55:27 CET; 9s ago
Docs: man:nginx(8)
Process: 3053 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
CPU: 26ms

Jan 20 22:55:27 DietPi systemd[1]: Starting A high performance web server and a reverse proxy server…
Jan 20 22:55:27 DietPi nginx[3053]: nginx: [emerg] open() “/etc/letsencrypt/options-ssl-nginx.conf” failed (2: No such file or directory) in /etc/nginx/sites-enabled/default:26
Jan 20 22:55:27 DietPi nginx[3053]: nginx: configuration file /etc/nginx/nginx.conf test failed
Jan 20 22:55:27 DietPi systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Jan 20 22:55:27 DietPi systemd[1]: nginx.service: Failed with result ‘exit-code’.
Jan 20 22:55:27 DietPi systemd[1]: Failed to start A high performance web server and a reverse proxy server.

tryed to reinstall Certbot. Nginx still failing zu start

best to remove SSL configuration from Nginx for time being as a workaround.

wasnt expecting an answer here so i restored a backup.
updated to 9.0.2?.
seems to work now.

but there is/was nothing in the update related to certbot

i never said the update caused the problem.
since my cert was running out and the tips so far didnt work i tryed to reinstall certbot, hoping it would fix the letsencrypt script.
instead it broke the server.

to solve that i decided to restore the backup. Luckily it worked