On Fri, Feb 5, 2021 at 9:44 AM Lamar Owen <lowen at pari.edu> wrote: > On 2/5/21 7:49 AM, Jerry Geis wrote: > > *>>certbot-auto is no longer available. > > See https://certbot.eff.org/docs/install.html#id9 "We used to have a > shell script named certbot-auto to help people install Certbot on UNIX > operating systems, however, this script is no longer supported. If you > want to uninstall certbot-auto, you can follow our instructions here." > > > ... Skipping bootstrap because certbot-auto is deprecated on this > > system. Your system is not supported by certbot-auto anymore. Certbot > > cannot be installed. Please visit https://certbot.eff.org/ to check > > for other alternatives. My Centos 7 is basically out of the box. > > Previously with certbot-auto - it worked every time. Any one else run > > into this and know what the issue is ? > The issue is fully documented and is simply that the certbot-auto script > is being discontinued by the certbot team at EFF. Questions about why > it's being discontinued would need to be taken up with the EFF team on > their github issue tracker at https://github.com/certbot/certbot/issues > > The EFF-recommended way to use certbot has changed. The _new_ way is > with a snap (as in 'install snapd and download the snap for certbot'). > If you already have it might work, but that's going away; you need to > use the solution recommended at certbot.eff.org which first instructs > the user to uninstall any OS package containing certbot. At > https://certbot.eff.org/docs/install.html there is a warning block: > "While the Certbot team tries to keep the Certbot packages offered by > various operating systems working in the most basic sense, due to > distribution policies and/or the limited resources of distribution > maintainers, Certbot OS packages often have problems that other > distribution mechanisms do not. The packages are often old resulting in > a lack of bug fixes and features and a worse TLS configuration than is > generated by newer versions of Certbot. They also may not configure > certificate renewal for you or have all of Certbot’s plugins available. > For reasons like these, we recommend most users follow the instructions > at https://certbot.eff.org/instructions and OS packages are only > documented here as an alternative." > > Further, this isn't a CentOS problem; CentOS 7 doesn't ship > certbot-auto. EPEL7 ships a certbot package, but it doesn't ship > certbot-auto. The certbot in the EPEL7 package is currently working on > one of my systems, but it is at this point in time one release out of > date. (the package currently in EPEL7 is 1.11.0; current is 1.12.0; > 1.12.0 drops support for python2, so the move from 1.11.0 to 1.12.0 > could be fun). > > So, the EFF's recommended instructions for CentOS 7 running nginx are at > https://certbot.eff.org/lets-encrypt/centosrhel7-nginx (I chose the > nginx page because I am running some servers with CentOS 7 and nginx; > there are instructions for CentOS/RHEL 8 as well as for apache). > > > > Hi Lamar - I did find that page... I did follow the instructions. certbot is removed. rpm -qa | grep cert ca-certificates-2020.2.41-70.0.el7_8.noarch whereis certbot certbot: /usr/bin/certbot /var/lib/snapd/snap/bin/certbot ls -l /usr/bin/certbot lrwxrwxrwx 1 root root 17 Feb 4 13:38 /usr/bin/certbot -> /snap/bin/certbot The snap link was made. the snap daemon is running: ps ax | grep snapd 18721 pts/0 S+ 0:00 /bin/grep -d skip snapd 24817 ? Ssl 0:12 /usr/libexec/snapd/snapd I thought someone would have ran into the same issue as I was migrating to this new way of doing things getting letsencypt working on apache. Thanks, Jerry