我跑了
./letsencrypt-auto --help --debug
安装让我们加密。
所有软件包均已成功安装,但随后出现以下错误:
创建虚拟环境...
更新letsencrypt和虚拟环境依赖......命令“/root/.local/share/letsencrypt/bin/python2.7 -c”import setuptools,tokenize; file ='/dev/shm/pip-build-OslHtf/cffi/setup.py';exec(compile(getattr(tokenize, 'open', open)( file ).read().replace('rn', ' n'), file , 'exec'))" install --record /tmp/pip-lx9pFX-record/install-record.txt --single-version-externally-managed --compile --install-headers /root/ .local/share/letsencrypt/include/site/python2.7/cffi" 失败,错误代码 1 在 /dev/shm/pip-build-OslHtf/cffi
任何的想法? 我意识到 amazon linux 支持是实验性的,我不打算使用所有的自动化工具(还),但如果我至少可以手动生成证书会很棒。
barshinoff
所有37条评论
从#1458开始,
通过首先手动安装 python27-virtualenv 包,然后运行 RedHat 引导路径,我能够在 Amazon Linux 2015.03 上使用修改后的letsencrypt-auto 运行客户端。
我这样做了,它似乎正在工作。 您需要运行 sudo yum install python27-virtualenv 和 sudo ./bootstrap/_rpm_common.sh
kiwimancy
于 2015-12-03
@barshinoff我很好奇这是否与 #1677 相关(在其他 redhat-family 发行版上编译 cffi 依赖项时出现内存不足错误)我已经检查过 ./letsencrypt-auto 是否适用于 amazon linux 2015.09 的全新安装.1 和 2015.03.1 在 t2.micro 实例上,没有其他任何东西在运行。 您在尝试什么实例类型和 AMI? 如果您使用 '-v' ./letsencrypt-auto --help --debug -v 详细运行它,它可能会提供有关正在发生的事情的更多信息。
levskaya
于 2015-12-03
你好,谢谢你的建议。
这不是内存问题,以确保我确保没有其他任何东西在运行并连接了 40gb 交换驱动器。
我正在运行 2015.09 发行版并更新了所有软件包。
首先安装 python27-virtualenv 包,然后按照@kiwimancy的建议运行 RedHat 引导路径,这让我克服了最初的错误。
我现在收到的错误是:
Updating letsencrypt and virtual environment dependencies.......
Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt
Traceback (most recent call last):
File "/root/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
from letsencrypt.cli import main
File "/root/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 17, in <module>
import OpenSSL
ImportError: No module named OpenSSL
barshinoff
于 2015-12-04
在同一个 2015.09 Amazon Linux 上出现同样的错误。
以下是详细日志,希望这有助于识别问题。
$ ./letsencrypt-auto help --debug --verbose
Bootstrapping dependencies for Amazon Linux...
yum is /usr/bin/yum
Loaded plugins: priorities, update-motd, upgrade-helper
Package python26-2.6.9-1.80.amzn1.x86_64 already installed and latest version
Package python26-devel-2.6.9-1.80.amzn1.x86_64 already installed and latest version
Package python26-virtualenv-12.0.7-1.10.amzn1.noarch already installed and latest version
Nothing to do
Loaded plugins: priorities, update-motd, upgrade-helper
Package git-2.4.3-6.40.amzn1.x86_64 already installed and latest version
Package gcc-4.8.3-3.20.amzn1.noarch already installed and latest version
Package dialog-1.1-9.20080819.1.5.amzn1.x86_64 already installed and latest version
Package augeas-libs-1.0.0-5.7.amzn1.x86_64 already installed and latest version
Package 1:openssl-devel-1.0.1k-10.87.amzn1.x86_64 already installed and latest version
Package libffi-devel-3.0.13-11.4.amzn1.x86_64 already installed and latest version
Package system-rpm-config-9.0.3-42.27.amzn1.noarch already installed and latest version
Package ca-certificates-2015.2.4-65.0.1.14.amzn1.noarch already installed and latest version
Nothing to do
Creating virtual environment...
Already using interpreter /usr/bin/python2.7
New python executable in /home/ec2-user/.local/share/letsencrypt/bin/python2.7
Also creating executable in /home/ec2-user/.local/share/letsencrypt/bin/python
Installing setuptools, pip...done.
Updating letsencrypt and virtual environment dependencies...
You are using pip version 6.0.8, however version 7.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Collecting setuptools from https://pypi.python.org/packages/3.5/s/setuptools/setuptools-18.7.1-py2.py3-none-any.whl#md5=a793e7b7ad3a91ca796f2e3bbd4ac355
Using cached setuptools-18.7.1-py2.py3-none-any.whl
Installing collected packages: setuptools
Found existing installation: setuptools 12.0.5
Uninstalling setuptools-12.0.5:
Successfully uninstalled setuptools-12.0.5
Successfully installed setuptools-18.7.1
You are using pip version 6.0.8, however version 7.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Collecting pip from https://pypi.python.org/packages/py2.py3/p/pip/pip-7.1.2-py2.py3-none-any.whl#md5=5ff9fec0be479e4e36df467556deed4d
Using cached pip-7.1.2-py2.py3-none-any.whl
Installing collected packages: pip
Found existing installation: pip 6.0.8
Uninstalling pip-6.0.8:
Successfully uninstalled pip-6.0.8
Successfully installed pip-7.1.2
Collecting letsencrypt
Using cached letsencrypt-0.1.0-py2-none-any.whl
Collecting letsencrypt-apache
Using cached letsencrypt_apache-0.1.0-py2-none-any.whl
Collecting ConfigArgParse from git+https://github.com/kuba/[email protected]#egg=ConfigArgParse (from -r ./py26reqs.txt (line 1))
Cloning https://github.com/kuba/ConfigArgParse.git (to python2.6-0.9.3) to /tmp/pip-build-3Vgs0V/ConfigArgParse
Collecting acme==0.1.0 (from letsencrypt)
Using cached acme-0.1.0-py2-none-any.whl
Requirement already up-to-date: setuptools in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Collecting python2-pythondialog>=3.2.2rc1 (from letsencrypt)
Using cached python2-pythondialog-3.3.0.tar.bz2
Collecting PyOpenSSL (from letsencrypt)
Using cached pyOpenSSL-0.15.1-py2.py3-none-any.whl
Collecting requests (from letsencrypt)
Using cached requests-2.8.1-py2.py3-none-any.whl
Collecting parsedatetime (from letsencrypt)
Using cached parsedatetime-1.5-py2-none-any.whl
Collecting configobj (from letsencrypt)
Using cached configobj-5.0.6.tar.gz
Collecting pytz (from letsencrypt)
Using cached pytz-2015.7-py2.py3-none-any.whl
Collecting psutil>=2.1.0 (from letsencrypt)
Using cached psutil-3.3.0.tar.gz
Collecting six (from letsencrypt)
Using cached six-1.10.0-py2.py3-none-any.whl
Collecting cryptography>=0.7 (from letsencrypt)
Using cached cryptography-1.1.1.tar.gz
Collecting zope.interface (from letsencrypt)
Using cached zope.interface-4.1.3.tar.gz
Collecting zope.component (from letsencrypt)
Using cached zope.component-4.2.2.tar.gz
Collecting mock (from letsencrypt)
Using cached mock-1.3.0-py2.py3-none-any.whl
Collecting pyrfc3339 (from letsencrypt)
Using cached pyRFC3339-1.0-py2.py3-none-any.whl
Collecting python-augeas (from letsencrypt-apache)
Using cached python-augeas-0.5.0.tar.gz
Collecting pyasn1 (from acme==0.1.0->letsencrypt)
Using cached pyasn1-0.1.9-py2.py3-none-any.whl
Collecting ndg-httpsclient (from acme==0.1.0->letsencrypt)
Using cached ndg_httpsclient-0.4.0.tar.gz
Collecting werkzeug (from acme==0.1.0->letsencrypt)
Using cached Werkzeug-0.11.2-py2.py3-none-any.whl
Collecting idna>=2.0 (from cryptography>=0.7->letsencrypt)
Using cached idna-2.0-py2.py3-none-any.whl
Collecting enum34 (from cryptography>=0.7->letsencrypt)
Using cached enum34-1.1.1.tar.gz
Collecting ipaddress (from cryptography>=0.7->letsencrypt)
Using cached ipaddress-1.0.15-py27-none-any.whl
Collecting cffi>=1.1.0 (from cryptography>=0.7->letsencrypt)
Using cached cffi-1.3.1.tar.gz
Collecting zope.event (from zope.component->letsencrypt)
Using cached zope.event-4.1.0.tar.gz
Collecting funcsigs (from mock->letsencrypt)
Using cached funcsigs-0.4-py2.py3-none-any.whl
Collecting pbr>=0.11 (from mock->letsencrypt)
Using cached pbr-1.8.1-py2.py3-none-any.whl
Collecting pycparser (from cffi>=1.1.0->cryptography>=0.7->letsencrypt)
Using cached pycparser-2.14.tar.gz
Installing collected packages: pytz, requests, pyasn1, idna, six, enum34, ipaddress, pycparser, cffi, cryptography, PyOpenSSL, ndg-httpsclient, werkzeug, funcsigs, pbr, mock, pyrfc3339, acme, python2-pythondialog, parsedatetime, configobj, psutil, zope.interface, zope.event, zope.component, ConfigArgParse, letsencrypt, python-augeas, letsencrypt-apache
Running setup.py install for enum34
Running setup.py install for pycparser
Running setup.py install for cffi
Running setup.py install for cryptography
Running setup.py install for ndg-httpsclient
Running setup.py install for python2-pythondialog
Running setup.py install for configobj
Running setup.py install for psutil
Running setup.py install for zope.interface
Running setup.py install for zope.event
Running setup.py install for zope.component
Running setup.py install for ConfigArgParse
Running setup.py install for python-augeas
Successfully installed ConfigArgParse-0.9.3 PyOpenSSL acme-0.1.0 cffi configobj-5.0.6 cryptography enum34-1.1.1 funcsigs-0.4 idna-2.0 ipaddress-1.0.15 letsencrypt-0.1.0 letsencrypt-apache-0.1.0 mock-1.3.0 ndg-httpsclient-0.4.0 parsedatetime-1.5 pbr-1.8.1 psutil pyasn1-0.1.9 pycparser-2.14 pyrfc3339 python-augeas-0.5.0 python2-pythondialog-3.3.0 pytz-2015.7 requests-2.8.1 six-1.10.0 werkzeug zope.component-4.2.2 zope.event-4.1.0 zope.interface
Running with virtualenv: sudo /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt help --debug --verbose
Traceback (most recent call last):
File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
from letsencrypt.cli import main
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 17, in <module>
import OpenSSL
ImportError: No module named OpenSSL
我直言不讳地尝试通过在https://github.com/letsencrypt/letsencrypt/blob/master/letsencrypt-auto#L181之前手动添加pip install pyOpenSSL pip install cryptography来解决 pyOpenSSL 问题,但坚持使用 cffi 版本不兼容而放弃。
azam
于 2015-12-04
我也有错误:
$ ./letsencrypt-auto --apache -d www.3chirurgen.de -d 3chirurgen.de -d incentergy.de -d www.incentergy.de -d shop.incentergy.de
Updating letsencrypt and virtual environment dependencies......Command "/home/ec2-user/.local/share/letsencrypt/bin/python2.7 -c "import setuptools, tokenize;__file__='/tmp/pip-build-oV91ZI/cffi/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-GU4tNk-record/install-record.txt --single-version-externally-managed --compile --install-headers /home/ec2-user/.local/share/letsencrypt/include/site/python2.7/cffi" failed with error code 1 in /tmp/pip-build-oV91ZI/cffi
$ uname -a
Linux ip-172-31-11-205 4.1.7-15.23.amzn1.x86_64 #1 SMP Mon Sep 14 23:20:33 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
@kiwimancy的解决方案有效:
sudo yum install python27-virtualenv
sudo ./bootstrap/_rpm_common.sh
# Output nothing to do
下一个问题:
$ ./letsencrypt-auto --apache -d www.3chirurgen.de -d 3chirurgen.de -d incentergy.de -d www.incentergy.de -d shop.incentergy.de
Running with virtualenv: sudo /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt --apache -d www.3chirurgen.de -d 3chirurgen.de -d incentergy.de -d www.incentergy.de -d shop.incentergy.de
Traceback (most recent call last):
File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
from letsencrypt.cli import main
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 17, in <module>
import OpenSSL
ImportError: No module named OpenSSL
解决方案:
$ /home/ec2-user/.local/share/letsencrypt/bin/pip install pyopenssl
下一个问题:
Complete output from command /home/ec2-user/.local/share/letsencrypt/bin/python2.7 -c "import setuptools, tokenize;__file__='/tmp/pip-build-5_HYBt/cffi/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-BxpscI-record/install-record.txt --single-version-externally-managed --compile --install-headers /home/ec2-user/.local/share/letsencrypt/include/site/python2.7/cffi:
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-2.7
creating build/lib.linux-x86_64-2.7/cffi
copying cffi/ffiplatform.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/api.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/vengine_cpy.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/recompiler.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/vengine_gen.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/setuptools_ext.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/model.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/cparser.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/__init__.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/gc_weakref.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/cffi_opcode.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/lock.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/verifier.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/commontypes.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/backend_ctypes.py -> build/lib.linux-x86_64-2.7/cffi
copying cffi/_cffi_include.h -> build/lib.linux-x86_64-2.7/cffi
copying cffi/parse_c_type.h -> build/lib.linux-x86_64-2.7/cffi
running build_ext
building '_cffi_backend' extension
creating build/temp.linux-x86_64-2.7
creating build/temp.linux-x86_64-2.7/c
gcc -pthread -fno-strict-aliasing -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -fPIC -DUSE__THREAD -I/usr/include/python2.7 -c c/_cffi_backend.c -o build/temp.linux-x86_64-2.7/c/_cffi_backend.o
c/_cffi_backend.c:2:20: fatal error: Python.h: No such file or directory
#include <Python.h>
^
compilation terminated.
error: command 'gcc' failed with exit status 1
----------------------------------------
Command "/home/ec2-user/.local/share/letsencrypt/bin/python2.7 -c "import setuptools, tokenize;__file__='/tmp/pip-build-5_HYBt/cffi/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-BxpscI-record/install-record.txt --single-version-externally-managed --compile --install-headers /home/ec2-user/.local/share/letsencrypt/include/site/python2.7/cffi" failed with error code 1 in /tmp/pip-build-5_HYBt/cffi
解决方案:
sudo yum install python27-devel
下一个问题:
apache 插件不工作; 您现有的配置可能存在问题。
错误是:NoInstallationError()
2015-12-04 08:18:50,797:DEBUG:letsencrypt.cli:Root logging level set at 20
2015-12-04 08:18:50,798:INFO:letsencrypt.cli:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2015-12-04 08:18:50,807:DEBUG:letsencrypt.cli:letsencrypt version: 0.1.0
2015-12-04 08:18:50,807:DEBUG:letsencrypt.cli:Arguments: ['-v', '--debug', '--apache', '-d', 'www.3chirurgen.de', '-d', '3chirurgen.de', '-d', 'incentergy.de', '-d', 'www.incentergy.de', '-d', 'shop.incentergy.de']
2015-12-04 08:18:50,809:DEBUG:letsencrypt.cli:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#webroot,PluginEntryPoint#null,PluginEntryPoint#manual,PluginEntryPoint#standalone)
2015-12-04 08:18:50,814:DEBUG:letsencrypt.cli:Requested authenticator apache and installer apache
2015-12-04 08:18:50,820:DEBUG:letsencrypt.plugins.disco:No installation (PluginEntryPoint#apache):
Traceback (most recent call last):
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt/plugins/disco.py", line 103, in prepare
self._initialized.prepare()
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/site-packages/letsencrypt_apache/configurator.py", line 142, in prepare
raise errors.NoInstallationError
NoInstallationError
2015-12-04 08:18:50,821:DEBUG:letsencrypt.display.ops:No candidate plugin
2015-12-04 08:18:50,821:DEBUG:letsencrypt.cli:Selected authenticator None and installer None
我稍后会深入研究。
ManuelB
于 2015-12-04
./letsencrypt-auto -v
Updating letsencrypt and virtual environment dependencies...
Requirement already up-to-date: setuptools in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages
Requirement already up-to-date: pip in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages
Requirement already up-to-date: letsencrypt in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages
Requirement already up-to-date: letsencrypt-apache in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages
Requirement already up-to-date: zope.interface in /home/ec2-user/.local/share/letsencrypt/lib64/python2.7/site-packages (from letsencrypt)
Requirement already up-to-date: setuptools in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: python2-pythondialog>=3.2.2rc1 in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Collecting PyOpenSSL (from letsencrypt)
Using cached pyOpenSSL-0.15.1-py2.py3-none-any.whl
Requirement already up-to-date: requests in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Collecting cryptography>=0.7 (from letsencrypt)
Using cached cryptography-1.1.2.tar.gz
Requirement already up-to-date: parsedatetime in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: configobj in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: pytz in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Collecting psutil>=2.1.0 (from letsencrypt)
Using cached psutil-3.3.0.tar.gz
Requirement already up-to-date: six in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: acme==0.1.1 in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: zope.component in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: mock in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Requirement already up-to-date: ConfigArgParse in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt)
Collecting pyrfc3339 (from letsencrypt)
Using cached pyRFC3339-1.0-py2.py3-none-any.whl
Requirement already up-to-date: python-augeas in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from letsencrypt-apache)
Requirement already up-to-date: idna>=2.0 in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from cryptography>=0.7->letsencrypt)
Requirement already up-to-date: pyasn1>=0.1.8 in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from cryptography>=0.7->letsencrypt)
Requirement already up-to-date: enum34 in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from cryptography>=0.7->letsencrypt)
Requirement already up-to-date: ipaddress in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from cryptography>=0.7->letsencrypt)
Collecting cffi>=1.1.0 (from cryptography>=0.7->letsencrypt)
Using cached cffi-1.4.2.tar.gz
Requirement already up-to-date: ndg-httpsclient in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from acme==0.1.1->letsencrypt)
Collecting werkzeug (from acme==0.1.1->letsencrypt)
Using cached Werkzeug-0.11.3-py2.py3-none-any.whl
Requirement already up-to-date: zope.event in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from zope.component->letsencrypt)
Requirement already up-to-date: funcsigs in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from mock->letsencrypt)
Requirement already up-to-date: pbr>=0.11 in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from mock->letsencrypt)
Requirement already up-to-date: pycparser in /home/ec2-user/.local/share/letsencrypt/lib/python2.7/dist-packages (from cffi>=1.1.0->cryptography>=0.7->letsencrypt)
Installing collected packages: cffi, cryptography, PyOpenSSL, psutil, pyrfc3339, werkzeug
Running setup.py install for cffi
Running setup.py install for cryptography
Running setup.py install for psutil
Successfully installed PyOpenSSL cffi cryptography psutil pyrfc3339 werkzeug
Requesting root privileges to run with virtualenv: sudo /home/ec2-user/.local/share/letsencrypt/bin/letsencrypt -v
Traceback (most recent call last):
File "/home/ec2-user/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
from letsencrypt.cli import main
File "/home/ec2-user/.local/share/letsencrypt/local/lib/python2.7/dist-packages/letsencrypt/cli.py", line 17, in <module>
import OpenSSL
ImportError: No module named OpenSSL
pip install pyopenssl不能解决这个问题。
arleslie
于 2016-01-08
好的,所以我相信我找到了解决此问题的方法。
这一切都归结为以 root 身份运行或通过 sudo 运行,使用多个包位置进行 pip 安装(lib/lib64、site-packages/dist-packages、/usr 与 /usr/local)。
我遇到了类似的问题:
http://stackoverflow.com/questions/33661818/python-virtualenv-importerror-with-celery-and-billiard
事实证明,Amazon Linux 附带的 pip 和 virtualenv 版本,即使在最新的 AMI 中,也已过时,并且(可能)在如何处理虚拟环境的 lib64/dist-packages 方面存在错误。
通过 pip 更新这两个程序,然后重新创建虚拟环境似乎可以解决以 root 身份运行安装程序(不使用 sudo)时的问题。 其他线程中给出的解决方案以及从 virtualenv 文件夹运行 pip 以重新安装依赖项的解决方案正在修复症状,而不是原因。
这里报告了类似的问题:
https://community.letsencrypt.org/t/letsencrypt-auto-openssl-module-not-found-ec2/4356
et304383
于 2016-01-11
上面 eric-tucker 的解决方案也对我有用。 谢谢!
killdash9
于 2016-01-12
从 Google 来到这里,在最新的 Amazon Linux 2015.09.1 上的 virtualenv 中所有已编译的 python 模块都有类似的问题。
eric-tucker 是对的,在这里手动升级 virtualenv 会有所帮助。
我发现罪魁祸首是环境变量PYTHON_INSTALL_LAYOUT=amzon默认情况下未在 Amazon Linux 上设置 - 然后您不会注意到问题。 但是一旦设置了这个,默认版本的 virtualenv 就不能工作了,因为包被安装到lib64/python2.7/dist-packages中,而这不是由 virtualenv 的site.py添加的(至少不是在来自的版本中) rpm 包;仅添加lib/python2.7/dist-packages )。
至少对我来说,棘手的部分是找出哪个包为我定义了这个变量。 原来这是由 yum 安装“ @Development tools”组引起的,特别是system-rpm-config包。 不是很明显...
piotrdomagalski
于 2016-01-27
是的! 我解决了! 谢谢埃里克塔克!
我运行了以下命令。
# pip install pip --upgrade
# pip install virtualenv --upgrade
# virtualenv -p /usr/bin/python27 venv27
# . venv27/bin/activate
# git clone https://github.com/letsencrypt/letsencrypt
# cd letsencrypt
# ./letsencrypt-auto certonly --debug --standalone -d <domain-name>
skatsumata
于 2016-01-29
更新到 2017 年的@skatsumata和 certbot-auto:
# rm /root/.local/share/letsencrypt/ -Rf
# pip install pip --upgrade
# pip install virtualenv --upgrade
# virtualenv -p /usr/bin/python27 venv27
# . venv27/bin/activate
# ./certbot-auto renew --debug #(or whatever your relevant command is)
zarmstrong
于 2017-03-03
我只需要运行sudo yum install python27-devel就可以为我工作,谢谢!
Gesias
于 2017-04-24
@zarmstrong 非常感谢,这行得通。 顺便说一句,我想设置一个 cron 来自动更新。 我如何用你的解决方案做到这一点?
nguyenhoaibao
于 2017-05-19
不确定这是否可行,未经测试。 但是你可以试试。
#!/bin/bash
date
cd /root
source venv27/bin/activate
./certbot-auto renew --debug
/etc/init.d/httpd reload
确保将输出重定向到某种日志并验证它是否有效。
zarmstrong
于 2017-05-19
这应该在我们的下一个版本中使用 #4978 修复。
bmw
于 2017-08-01
@bmw我不相信这已经解决了。 我在 AWS Elastic Beanstalk 环境中仍然遇到同样的 lib/lib64 问题,下载了最新版本的 certbot,如下所示:
wget https://dl.eff.org/certbot-auto; chmod a+x certbot-auto
# cat /etc/system-release
Amazon Linux AMI release 2017.09
[root@ip-172-31-10-255 venv]# /certbot/certbot-auto --debug renew
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
from certbot.main import main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/certbot/main.py", line 10, in <module>
import josepy as jose
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/__init__.py", line 41, in <module>
from josepy.interfaces import JSONDeSerializable
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/interfaces.py", line 8, in <module>
from josepy import errors, util
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/josepy/util.py", line 4, in <module>
import OpenSSL
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import rand, crypto, SSL
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/rand.py", line 12, in <module>
from OpenSSL._util import (
File "/opt/eff.org/certbot/venv/local/lib/python2.7/dist-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding
utdrmac
于 2018-01-18
我对我们在 Python 依赖项方面遇到的麻烦以及其他问题感到困惑。
不过,如果您通过 pip 安装 certbot,我认为一切正常。 你试过这个@utdrmac吗? 我知道它解决了我的许多问题。
et304383
于 2018-01-18
不知道通过 pip 安装是一种选择。 我正在关注一些关于在 beanstalk 上使用 certbot 的博客文章,他们的脚本下载了它,就像我在上面所说的那样。 也许博客文章过时了。 现在通过 pip 进行测试:
# rm -rf /opt/eff.org/*
# pip install -U certbot
# certbot renew --debug
看来奏效了! 我将调整我的脚本以使用系统 pip 安装 certbot,而不是直接下载它。 在这方面,certbots 内置安装程序/更新程序可能存在一些问题?
utdrmac
于 2018-01-18
老实说,我不知道为什么通过 pip 安装不是所有操作系统上的推荐方法。
下载文件的原始解决方案试图设置一个 virtualenv 并且失败了一半的时间需要 DIAF。
et304383
于 2018-01-18
错误在于 python 路径和dist-packages的使用。 我们可以在 /opt/eff.org/certbot/venv/lib64/python2.7/site-packages/dist.pth 中添加路径配置,例如dist.pth /opt/eff.org/certbot/venv/lib64/python2.7/site-packages/dist.pth 。 然而, pth文件只有在站点目录(例如site-packages )和新指定路径(即 dist-packages)中的pth文件才会被处理不被阅读。 我们在/opt/eff.org/certbot/venv/lib64/python2.7/site-packages/中创建一个 sitecustomize.py,其中包含以下内容:
import site
site.addsitedir('/opt/eff.org/certbot/venv/lib64/python2.7/dist-packages')
sitecustomize.py将 dist-packages 设置为站点目录,并将成功读取zope.interface-4.4.3-py2.7-nspkg.pth 。 这避免了from zope.interface import Interface错误ImportError 。
此外,我发现/usr/local/bin/certbot-auto重新创建了 virtualenv venv 。 这将导致我们试图避免的相同 python 路径错误。 我建议应用上述方法并在venv中手动获取激活脚本; 例如, . /opt/eff.org/certbot/venv/bin/activate 。
我更喜欢这种方法,因为它避免了对系统级 python 包的抨击。
micharu123
于 2018-01-23
并不是说这与上面有什么不同,但对我来说,在 certbot 0.21.1 上的快速修复是有效地将密码学危险品绑定“移动”到letsencrypt的python自定义版本正在寻找的地方:
cd /opt/eff.org/certbot/venv/lib64/python2.7
mv site-packages site-packages.sav
ln -s dist-packages/ site-packages
这对我有用,因为 site-packages/ 子目录对我来说是空的。 需要明确的是,这解决了 Amazon Linux 上最近的 certbot 版本上出现的以下错误,对我来说是 certbot 0.21.0 和 0.21.1:
<snip>
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding
mrballcb
于 2018-01-26
@utdrmac写的答案是我最终使用的,谢谢马修!
但我得到了错误: "The requested apache plugin does not appear to be installed"
所以我做了: sudo -H pip install certbot-apache
arunbasillal
于 2018-01-26
我有同样的错误,我以某种方式解决了它
由于我有两个版本的 python 安装,python 2 和 3,我必须找出在 certbot/letencrypt 上使用的是哪个版本。 尝试导入密码学时会报告错误....
在命令行上
python
from cryptography.hazmat.bindings._constant_time import lib
没有导入错误,所以我对 python3 做了同样的事情,我得到了No module named '_cffi_backend错误。 所以我简单地用 pip3 安装了 cffi 模块sudo -H pip3 install cffi
sudo -H 因为它需要作为一个全局包
接下来做certbot help然后得到urllib3的导入错误。 用 pip3 安装它,现在一切正常。
希望有人觉得这有帮助
phacic
于 2018-03-07
我在 AWS EC2 实例上也遇到了这个问题,只是通过以 root 身份运行@utdrmac的解决方案来解决。 它正在升级到 certbot 0.22.0
annafelicity
于 2018-03-14
非常感谢@utdrmac的解决方案。 过去两天我一直在尝试很多东西,但没有任何效果。
seemaalbal
于 2018-03-15
我今天遇到了这个问题,进一步发现@utdrmac解决方案在运行 Amazon Linux AMI 2017.09 的 AWS EC2 上不起作用。 我在最后一步遇到的错误是:
$ sudo certbot renew --debug
/usr/lib64/python2.6/dist-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. The next version of cryptography will drop support for Python 2.6
DeprecationWarning
Traceback (most recent call last):
File "/usr/bin/certbot", line 7, in <module>
from certbot.main import main
File "/usr/lib/python2.6/dist-packages/certbot/main.py", line 11, in <module>
import zope.component
File "/usr/lib/python2.6/dist-packages/zope/component/__init__.py", line 28, in <module>
from zope.component.globalregistry import getGlobalSiteManager
File "/usr/lib/python2.6/dist-packages/zope/component/globalregistry.py", line 18, in <module>
from zope.interface.registry import Components
File "/usr/lib64/python2.6/dist-packages/zope/interface/registry.py", line 167
filtered_state = {k: v for k, v in reduction[2].items()
^
SyntaxError: invalid syntax
为了让 certbot 运行,我不得不通过安装更新的 Python 并使用它来扩展这个解决方案,因此:
sudo rm -rf /opt/eff.org/*
sudo yum -y install python36 python36-pip python36-libs python36-tools python36-virtualenv
sudo /usr/bin/pip-3.6 install -U certbot
sudo /usr/bin/pip-3.6 install certbot-apache
sudo /usr/local/bin/certbot renew --debug
请注意,我在此提案中单独sudo每个命令,因为当我尝试将它们全部放在一起时(如在sudo su -中),这一系列步骤失败了,因为一些旧的 Python 设置污染了环境,导致无论如何,certbot 最终都会失败。
wwkimball
于 2018-03-18
@wwkimball公平地说,我的解决方案/问题是针对 Elastic Beanstalk。 似乎我也在运行 AMI 2017.09,所以不知道为什么你的和其他人的不同。
utdrmac
于 2018-03-19
我遇到了同样的问题。 这是为我解决的问题:
/opt/eff.org/certbot/venv/local/bin/pip 安装密码学接口
gmegidish
于 2018-04-13
@gmegidish的解决方案为我解决了这个问题。
GoaKoala
于 2018-09-27
@wwkimball 的https://github.com/certbot/certbot/issues/1680#issuecomment -374046383对我有用。
感谢您的解决方案! :100:
arun-shukla
于 2018-11-12
FWIW,这是我在我的 AWS Linux 实例上拼凑起来的:
#!/bin/bash -x
# If run in cron, add /usr/local to cron's sanitized PATH
export PATH=$PATH:/usr/local/sbin:/usr/local/bin
INSTALLED=/usr/local/bin
$INSTALLED/certbot-auto $@
if [ $? -ne 0 ]; then
# certbot-auto used venv to install modules, but something
# about the way it put things together put pieces in a subdir
# that python doesn't look in by default on AWS Linux. Fix it.
BASEDIR="/opt/eff.org/certbot/venv/lib64/python2.7"
cat << " EOM"
1. Getting rid of empty $BASEDIR/site-packages.
2. Create symlink "site-packages" to "dist-packages/".
EOM
if [ -d $BASEDIR ]; then
cd $BASEDIR
rm -rf site-packages
ln -s dist-packages/ site-packages
else
echo "ERROR: $BASEDIR doesn't exist, python version changed?"
fi
$INSTALLED/certbot-auto $@
fi
我选择保留INSTALLED变量,以防有人想将certbot-auto脚本安装在路径以外的其他位置。 我将其称为 run_certbot.sh,并使用要传递给 certbot-auto 的参数来调用它:
run_certbot.sh renew --debug
@mrballcb谢谢! 完美地工作。
bishu05
于 2019-02-02
sudo pip3 install cryptography
sudo pip3 install interface
为我工作
diklimchuk
于 2019-03-27
./certbot-auto --no-bootstrap
这对我有用
davidromeroxaandia
于 2019-04-08
我能够通过 pip 方法(包含 pip 的 python36)在 Amazon Linux 1 上成功安装和运行 certbot。 yum 方法遇到了以下错误,这些错误超出了我的诊断能力。
Complete!
Creating virtual environment...
Traceback (most recent call last):
File "<stdin>", line 27, in <module>
File "<stdin>", line 19, in create_venv
File "/usr/lib64/python2.7/subprocess.py", line 185, in check_call
retcode = call(*popenargs, **kwargs)
File "/usr/lib64/python2.7/subprocess.py", line 172, in call
return Popen(*popenargs, **kwargs).wait()
File "/usr/lib64/python2.7/subprocess.py", line 394, in __init__
errread, errwrite)
File "/usr/lib64/python2.7/subprocess.py", line 1047, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory
zyphlar
于 2019-09-07
@micharu123感谢您的帖子,您的解决方案为我解决了同样的问题。 干杯
bwalia
于 2019-10-14
我遇到了这里提到的一些相同问题,解决方案只是将“certbot-auto”可执行文件移动到 /usr/local/bin/ 。 这立即修复了我的 AWS 服务器上的每一个错误。
frivascl
于 2020-06-17
相关问题
bmw
·
3评论
Mattia98
·
3评论
schoen
·
3评论
darkworks
·
3评论
LouWii
·
4评论
最有用的评论
不知道通过 pip 安装是一种选择。 我正在关注一些关于在 beanstalk 上使用 certbot 的博客文章,他们的脚本下载了它,就像我在上面所说的那样。 也许博客文章过时了。 现在通过 pip 进行测试:
看来奏效了! 我将调整我的脚本以使用系统 pip 安装 certbot,而不是直接下载它。 在这方面,certbots 内置安装程序/更新程序可能存在一些问题?