Z-Car

Unable to renew using LetsEncrypt Certbot-Auto with CRON – Fail

Recently I had a fail when trying to automate the renewal of my LetsEncrypt SSL certificates using a CRON job, I experienced the following error when running “certbot-auto renew” :

Error: couldn’t get currently installed version for //.local/share/letsencrypt/bin/letsencrypt:
//.local/share/letsencrypt/lib64/python2.6/site-packages/cryptography/__init__.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
  DeprecationWarning
An unexpected error occurred:
ContextualVersionConflict: (setuptools 0.9.8 (/.local/share/letsencrypt/lib/python2.6/site-packages), Requirement.parse(‘setuptools>=1.0′), set([‘certbot’]))

At first glance, this failure would appear to have something to do with Python 2.6 and the cryptography site-package.  However, this actually just turns out to be a warning.  The unexpected error below is what causes the issue.  If you look closely at the error (couldn’t get currently installed version for //.local/share/letsencrypt/bin/letsencrypt) line and the line starting with ContextualVersionConflict, you will see that it is trying to access (/.local/share/letsencrypt/lib/python2.6/site-packages).  In both cases, the issue is with //.local/, when running as a cronjob, this needs to point to /root/.local.  There are a couple ways to fix this.

One, you can edit your crontab and edit HOME=/ to HOME=/root/
Two, you can create a wrapper script that changes your HOME directory before calling certbot-auto renew
Lastly, you can choose to do what I did and directly edit the certbot-auto script.   I hard-coded the values for HOME and XDG_DATA_HOME.  This has the disadvantage of getting wiped out if you ever update that script, however it also guarantees that no matter how that script is executed, it will always be pointing to the correct location.

To edit the script, add the following lines :
HOME=/root/
XDG_DATA_HOME=/root/.local/share

before the line that has :
VENV_NAME=”letsencrypt”

Leave a comment if this solved your problem, or if you are experiencing any other strange issues running certbot-auto from a cron job.

Leave a Reply and Let me know what you think...