The story of struggling with a Let’s Encrypt renewal on Amazon Linux

Hello everyone!
This blog is served over SSL using Let’s Encrypt, and I ended up spending about 3 hours on the renewal, so I am writing it down for anyone in the same situation.

For reference, it runs on Amazon Linux, on Amazon Lightsail, with nginx + php-fpm.

The first error message

The first thing that came up was the error message ./certbot-auto: line 681: virtualenv: command not found. Running pip install virtualenv did not help, and neither did anything else I tried.

# certbot-auto renew --debug
Bootstrapping dependencies for Amazon... (you can skip this with --no-bootstrap)
yum is /usr/bin/yum
Loaded plugins: priorities, update-motd, upgrade-helper
9 packages excluded due to repository priority protections
Package gcc-4.8.3-3.20.amzn1.noarch already installed and latest version
Package augeas-libs-1.0.0-5.7.amzn1.x86_64 already installed and latest version
Package 1:openssl-1.0.1k-15.99.amzn1.x86_64 already installed and latest version
Package 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 already installed and latest version
Package libffi-devel-3.0.13-16.5.amzn1.x86_64 already installed and latest version
Package system-rpm-config-9.0.3-42.28.amzn1.noarch already installed and latest version
Package ca-certificates-2015.2.6-65.0.1.16.amzn1.noarch already installed and latest version
Package python27-2.7.12-2.120.amzn1.x86_64 already installed and latest version
Package python27-devel-2.7.12-2.120.amzn1.x86_64 already installed and latest version
Package python27-virtualenv-12.0.7-1.13.amzn1.noarch already installed and latest version
Package python27-tools-2.7.12-2.120.amzn1.x86_64 already installed and latest version
Package python27-pip-6.1.1-1.23.amzn1.noarch already installed and latest version
Nothing to do
Creating virtual environment...
./certbot-auto: line 681: virtualenv: command not found

That is when I found the following issue:
./letsencrypt-auto: line 460: virtualenv: command not found #2889

I found a message saying "it worked after I ran yum remove python27-virtualenv and then yum install python27-virtualenv!", and ran it while thinking "surely not...".

# yum remove python27-virtualenv
# yum -y install python27-virtualenv
# sudo ./certbot-auto renew --debug
...(omitted)
Installing Python packages...
Installation succeeded.
Traceback (most recent call last):
  File "/root/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/root/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/main.py", line 7, in <module>
    import zope.component
  File "/root/.local/share/letsencrypt/local/lib/python2.7/dist-packages/zope/component/__init__.py", line 16, in <module>
    from zope.interface import Interface
ImportError: No module named interface

The place where it failed had changed, but it was still an error in the end...

The No module named interface error

Hmm. After looking into various things, I came across the following article:
How to deal with a certificate renewal error in Let’s Encrypt on Amazon Linux

As in that article, I wondered whether PYTHON_INSTALL_LAYOUT was set to something, and when I looked, it was. So I unset it.

# env | grep PYTHON_INSTALL_LAYOUT
# unset PYTHON_INSTALL_LAYOUT

When I tried to run it, I got the output below, so I deleted everything under ~/.local in order to set the environment variable again.

# ./certbot-auto renew --debug
Error: couldn't get currently installed version for /root/.local/share/letsencrypt/bin/letsencrypt:
Traceback (most recent call last):
  File "/root/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/root/.local/share/letsencrypt/local/lib/python2.7/dist-packages/certbot/main.py", line 7, in <module>
    import zope.component
  File "/root/.local/share/letsencrypt/local/lib/python2.7/dist-packages/zope/component/__init__.py", line 16, in <module>
    from zope.interface import Interface
ImportError: No module named interface
# rm -Rf ~/.local/

Then I ran it once more.

# certbot-auto renew --debug
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/tagamidaiki.com.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for tagamidaiki.com
Waiting for verification...
Cleaning up challenges

-------------------------------------------------------------------------------
new certificate deployed without reload, fullchain is
/etc/letsencrypt/live/tagamidaiki.com/fullchain.pem
-------------------------------------------------------------------------------

Congratulations, all renewals succeeded. The following certs have been renewed:
  /etc/letsencrypt/live/tagamidaiki.com/fullchain.pem (success)

And with that, it succeeded.
It was a long road... (´・ω・`)
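
The recovery steps above, collected into one script as an added example (it is not from the original post or from the certbot project). It removes only certbot-auto's virtualenv, at the path shown in the traceback, rather than all of ~/.local, and only when that virtualenv cannot import certbot. The function names, the VENV_DIR variable, the --run switch and the final nginx reload are assumptions of this example.

```shell
#!/bin/sh
# Added example: narrow version of the fix in this post.
# VENV_DIR defaults to the virtualenv path seen in the traceback.
VENV_DIR="${VENV_DIR:-/root/.local/share/letsencrypt}"

# Returns 0 if the venv's interpreter can import certbot, 1 otherwise.
venv_is_healthy() {
    [ -x "$1/bin/python" ] || return 1
    "$1/bin/python" -c 'from certbot.main import main' >/dev/null 2>&1
}

# Deletes the venv only when it is broken; prints what was done.
# Refuses any path that does not end in /letsencrypt, so a wrong
# VENV_DIR can never turn this into "rm -rf" of an unrelated tree.
reset_broken_venv() {
    case "$1" in
        */letsencrypt) ;;
        *) echo "refused"; return 2 ;;
    esac
    if [ ! -d "$1" ]; then echo "absent"; return 0; fi
    if venv_is_healthy "$1"; then echo "kept"; return 0; fi
    rm -rf -- "$1"
    echo "removed"
}

renew() {
    # The variable the post found set on Amazon Linux; it changes where
    # packages are installed inside the venv that certbot-auto builds.
    unset PYTHON_INSTALL_LAYOUT
    reset_broken_venv "$VENV_DIR" || return 1
    ./certbot-auto renew --debug || return 1
    # Assumption: the log says "deployed without reload", so nginx keeps
    # serving the old certificate until it re-reads its configuration.
    nginx -t && nginx -s reload
}

# Run the whole procedure only when asked to: sh fix-renew.sh --run
if [ "${1:-}" = "--run" ]; then
    renew
fi
```

Run it as root from the directory that contains certbot-auto.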