我现在使用的是 Red Hat Enterprise Linux 8,EPEL 版本 8 尚未发布。因此我选择手动安装并按照以下步骤操作:
https://certbot.eff.org/lets-encrypt/pip-nginx
我总是收到这个错误
sudo /usr/local/bin/certbot-auto certonly --nginx --verbose --debug
[sudo] password for haidarvm:
Bootstrapping dependencies for RedHat-based OSes... (you can skip this with --no-bootstrap)
dnf is /bin/dnf
dnf is hashed (/bin/dnf)
Updating Subscription Management repositories.
Last metadata expiration check: 2:06:59 ago on Jum 12 Jul 2019 06:04:00 +08.
Package gcc-8.2.1-3.5.el8.x86_64 is already installed.
Package augeas-libs-1.10.1-8.el8.x86_64 is already installed.
Package openssl-1:1.1.1-8.el8.x86_64 is already installed.
Package openssl-devel-1:1.1.1-8.el8.x86_64 is already installed.
Package libffi-devel-3.1-18.el8.x86_64 is already installed.
Package redhat-rpm-config-116-1.el8.noarch is already installed.
Package ca-certificates-2018.2.24-6.el8.noarch is already installed.
Package python2-libs-2.7.15-22.module+el8.0.0+2961+596d0223.x86_64 is already installed.
Package python2-setuptools-39.0.1-11.module+el8.0.0+2961+596d0223.noarch is already installed.
Package python2-devel-2.7.15-22.module+el8.0.0+2961+596d0223.x86_64 is already installed.
Package python2-virtualenv-15.1.0-18.module+el8.0.0+2961+596d0223.noarch is already installed.
Package python2-tools-2.7.15-22.module+el8.0.0+2961+596d0223.x86_64 is already installed.
Package python2-pip-9.0.3-13.module+el8.0.0+2961+596d0223.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Creating virtual environment...
Traceback (most recent call last):
File "<stdin>", line 27, in <module>
File "<stdin>", line 19, in create_venv
File "/usr/lib64/python2.7/subprocess.py", line 185, in check_call
retcode = call(*popenargs, **kwargs)
File "/usr/lib64/python2.7/subprocess.py", line 172, in call
return Popen(*popenargs, **kwargs).wait()
File "/usr/lib64/python2.7/subprocess.py", line 394, in __init__
errread, errwrite)
File "/usr/lib64/python2.7/subprocess.py", line 1047, in _execute_child
raise child_exception
OSError: [Errno 2] No such file or directory
我的系统详细信息是:
Static hostname: xxx.xxx.xxx
Icon name: computer-vm
Chassis: vm
Virtualization: kvm
Operating System: Red Hat Enterprise Linux 8.0 (Ootpa)
CPE OS Name: cpe:/o:redhat:enterprise_linux:8.0:GA
Kernel: Linux 4.18.0-80.4.2.el8_0.x86_64
Architecture: x86-64
有谁尝试过 CertbotRHEL 8?
答案1
Certbot 现在完全支持 RHEL/CentOS 8。只需运行
wget https://dl.eff.org/certbot-auto
chmod +x certbot-auto
为了阿帕奇
./certbot-auto --apache
为了nginx
./certbot-auto --nginx
它安装在我的 CentOS 8 最小安装上:
Package openssl-1:1.1.1-8.el8.x86_64 is already installed.
Package ca-certificates-2018.2.24-6.el8.noarch is already installed.
Dependencies resolved.
=========================================================================================================
Package Arch Version Repository Size
=========================================================================================================
Installing:
gcc x86_64 8.2.1-3.5.el8 AppStream 23 M
python3-virtualenv noarch 15.1.0-18.module_el8.0.0+33+0a10c0e1 AppStream 1.7 M
python36 x86_64 3.6.8-2.module_el8.0.0+33+0a10c0e1 AppStream 19 k
python36-devel x86_64 3.6.8-2.module_el8.0.0+33+0a10c0e1 AppStream 16 k
redhat-rpm-config noarch 116-1.el8.0.1 AppStream 82 k
augeas-libs x86_64 1.10.1-8.el8 BaseOS 392 k
libffi-devel x86_64 3.1-18.el8 BaseOS 28 k
openssl-devel x86_64 1:1.1.1-8.el8 BaseOS 2.3 M
以及更多依赖包,包括上面提到的 python3-virtualenv。请关注 certbot 文档以获取更多帮助。
答案2
我正在寻求 certbot 成员 Brad Warren 的帮助: https://github.com/certbot/certbot/issues/7241
他仅通过安装一个简单的命令就帮助了我:
$ sudo dnf install python3-virtualenv
一切运行顺利,结果如下:
sudo /usr/local/bin/certbot-auto --nginx --verbose --debug
Nothing to do.
Complete!
Creating virtual environment...
Running virtualenv with interpreter /bin/python2.7
New python executable in /opt/eff.org/certbot/venv/bin/python2.7
Also creating executable in /opt/eff.org/certbot/venv/bin/python
Installing setuptools, pip, wheel...done.
Installing Python packages...
Collecting ConfigArgParse==0.14.0 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 7))
Downloading https://files.pythonhosted.org/packages/55/ea/f0ade52790bcd687127a302b26c1663bf2e0f23210d5281dbfcd1dfcda28/ConfigArgParse-0.14.0.tar.gz
Collecting asn1crypto==0.24.0 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 9))
Downloading https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl (101kB)
100% |████████████████████████████████| 102kB 30.5MB/s
Collecting certifi==2019.3.9 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 12))
Downloading https://files.pythonhosted.org/packages/60/75/f692a584e85b7eaba0e03827b3d51f45f571c2e793dd731e598828d380aa/certifi-2019.3.9-py2.py3-none-any.whl (158kB)
100% |████████████████████████████████| 163kB 68.6MB/s
Collecting cffi==1.12.2 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 15))
Downloading https://files.pythonhosted.org/packages/9d/6f/aea9f5559fb593da07ff34e67513bd62483b45715b4a5f5fae6a0a5792ea/cffi-1.12.2-cp27-cp27mu-manylinux1_x86_64.whl (413kB)
100% |████████████████████████████████| 419kB 19.6MB/s
Collecting chardet==3.0.4 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 44))
Downloading https://files.pythonhosted.org/packages/bc/a9/01ffebfb562e4274b6487b4bb1ddec7ca55ec7510b22e4c51f14098443b8/chardet-3.0.4-py2.py3-none-any.whl (133kB)
100% |████████████████████████████████| 143kB 51.9MB/s
Collecting configobj==5.0.6 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 47))
Downloading https://files.pythonhosted.org/packages/64/61/079eb60459c44929e684fa7d9e2fdca403f67d64dd9dbac27296be2e0fab/configobj-5.0.6.tar.gz
Collecting cryptography==2.6.1 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 49))
Downloading https://files.pythonhosted.org/packages/c3/c1/cf8665c955c9393e9ff0872ba6cd3dc6f46ef915e94afcf6e0410508ca69/cryptography-2.6.1-cp27-cp27mu-manylinux1_x86_64.whl (2.3MB)
100% |████████████████████████████████| 2.3MB 46.4MB/s
Collecting enum34==1.1.6 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 71))
Downloading https://files.pythonhosted.org/packages/c5/db/e56e6b4bbac7c4a06de1c50de6fe1ef3810018ae11732a50f15f62c7d050/enum34-1.1.6-py2-none-any.whl
Collecting funcsigs==1.0.2 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 76))
Downloading https://files.pythonhosted.org/packages/69/cb/f5be453359271714c01b9bd06126eaf2e368f1fddfff30818754b5ac2328/funcsigs-1.0.2-py2.py3-none-any.whl
Collecting future==0.17.1 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 79))
Downloading https://files.pythonhosted.org/packages/90/52/e20466b85000a181e1e144fd8305caf2cf475e2f9674e797b222f8105f5f/future-0.17.1.tar.gz (829kB)
100% |████████████████████████████████| 829kB 70.0MB/s
....
Requirement already satisfied: setuptools>=1.0 in /opt/eff.org/certbot/venv/lib/python2.7/site-packages (from josepy==1.1.0->-r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 87))
Installing collected packages: ConfigArgParse, asn1crypto, certifi, pycparser, cffi, chardet, six, configobj, enum34, ipaddress, cryptography, funcsigs, future, idna, pyOpenSSL, josepy, pbr, mock, parsedatetime, pytz, pyRFC3339, pyparsing, python-augeas, urllib3, requests, requests-toolbelt, zope.interface, zope.proxy, zope.deferredimport, zope.deprecation, zope.hookable, zope.event, zope.component, acme, certbot, letsencrypt, certbot-apache, certbot-nginx
Running setup.py install for ConfigArgParse ... done
Running setup.py install for pycparser ... done
Running setup.py install for configobj ... done
Running setup.py install for future ... done
Running setup.py install for python-augeas ... done
Running setup.py install for zope.proxy ... done
Running setup.py install for zope.hookable ... done
Successfully installed ConfigArgParse-0.14.0 acme-0.36.0 asn1crypto-0.24.0 certbot-0.36.0 certbot-apache-0.36.0 certbot-nginx-0.36.0 certifi-2019.3.9 cffi-1.12.2 chardet-3.0.4 configobj-5.0.6 cryptography-2.6.1 enum34-1.1.6 funcsigs-1.0.2 future-0.17.1 idna-2.8 ipaddress-1.0.22 josepy-1.1.0 letsencrypt-0.7.0 mock-1.3.0 parsedatetime-2.4 pbr-5.1.3 pyOpenSSL-19.0.0 pyRFC3339-1.1 pycparser-2.19 pyparsing-2.3.1 python-augeas-0.5.0 pytz-2018.9 requests-2.21.0 requests-toolbelt-0.9.1 six-1.12.0 urllib3-1.24.2 zope.component-4.5 zope.deferredimport-4.3 zope.deprecation-4.4.0 zope.event-4.4 zope.hookable-4.2.0 zope.interface-4.6.0 zope.proxy-4.3.1
Installation succeeded.
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator nginx and installer nginx
Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f22224214d0>
Prep: True
Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f22224214d0>
Prep: True
...
Reporting to user: Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/haidar.online/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/haidar.online/privkey.pem
Your cert will expire on 2019-10-11. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again. To non-interactively renew *all* of your certificates, run "certbot-auto renew"
Reporting to user: If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/haidar.online/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/haidar.online/privkey.pem
Your cert will expire on 2019-10-11. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew *all* of your certificates, run
"certbot-auto renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
它在我的服务器上完美运行。非常感谢,我真的很感激
顺便说一句,我正在运行它,仍然使用 certbot 版本 0.36.0