Amazon-Ec2
在 Amazon Linux 上使用 LetsEncrypt certbot 創建 SSL 證書時出錯
我正在嘗試使用該
certbot
軟體為在執行 Amazon Linux (2017.09) 的 AWS EC2 實例上執行的 Web 伺服器 (Apache) 設置免費的 LetsEncrypt SSL 證書。我似乎無法從 repos 中獲取它,所以我從https://dl.eff.org/certbot-auto
.我正在執行以下命令:
sudo ./certbot-auto --debug certonly
我得到以下輸出和錯誤:
Bootstrapping dependencies for Amazon... (you can skip this with --no-bootstrap) yum is /usr/bin/yum yum is hashed (/usr/bin/yum) Loaded plugins: priorities, update-motd, upgrade-helper 1005 packages excluded due to repository priority protections Package matching gcc-4.8.3-3.20.amzn1.noarch already installed. Checking for update. Package matching 1:openssl-1.0.1k-15.99.amzn1.x86_64 already installed. Checking for update. Package ca-certificates-2015.2.6-65.0.1.16.amzn1.noarch already installed and latest version Package python27-devel-2.7.12-2.120.amzn1.x86_64 already installed and latest version Package matching python27-virtualenv-12.0.7-1.13.amzn1.noarch already installed. Checking for update. Package matching python27-pip-6.1.1-1.23.amzn1.noarch already installed. Checking for update. Package 1:mod_ssl-2.2.34-1.15.amzn1.x86_64 already installed and latest version Resolving Dependencies --> Running transaction check ---> Package augeas-libs.x86_64 0:1.0.0-5.7.amzn1 will be installed ---> Package libffi-devel.x86_64 0:3.0.13-16.5.amzn1 will be installed ---> Package openssl-devel.x86_64 1:1.0.1k-15.99.amzn1 will be installed --> Processing Dependency: openssl(x86-64) = 1:1.0.1k-15.99.amzn1 for package: 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 --> Processing Dependency: krb5-devel(x86-64) for package: 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 ---> Package python27-tools.x86_64 0:2.7.12-2.120.amzn1 will be installed ---> Package system-rpm-config.noarch 0:9.0.3-42.28.amzn1 will be installed --> Running transaction check ---> Package krb5-devel.x86_64 0:1.14.1-27.41.amzn1 will be installed --> Processing Dependency: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 --> Processing Dependency: libkadm5(x86-64) = 1.14.1-27.41.amzn1 for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 --> Processing Dependency: libverto-devel for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 --> Processing Dependency: libcom_err-devel for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 --> Processing Dependency: keyutils-libs-devel for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 --> Processing Dependency: libselinux-devel for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 ---> Package openssl-devel.x86_64 1:1.0.1k-15.99.amzn1 will be installed --> Processing Dependency: openssl(x86-64) = 1:1.0.1k-15.99.amzn1 for package: 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 --> Running transaction check ---> Package keyutils-libs-devel.x86_64 0:1.5.8-3.12.amzn1 will be installed ---> Package krb5-devel.x86_64 0:1.14.1-27.41.amzn1 will be installed --> Processing Dependency: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 ---> Package libcom_err-devel.x86_64 0:1.42.12-4.40.amzn1 will be installed ---> Package libkadm5.x86_64 0:1.14.1-27.41.amzn1 will be installed --> Processing Dependency: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 for package: libkadm5-1.14.1-27.41.amzn1.x86_64 ---> Package libselinux-devel.x86_64 0:2.1.10-3.22.amzn1 will be installed --> Processing Dependency: libsepol-devel >= 2.1.5-1 for package: libselinux-devel-2.1.10-3.22.amzn1.x86_64 --> Processing Dependency: pkgconfig(libsepol) for package: libselinux-devel-2.1.10-3.22.amzn1.x86_64 ---> Package libverto-devel.x86_64 0:0.2.5-4.9.amzn1 will be installed ---> Package openssl-devel.x86_64 1:1.0.1k-15.99.amzn1 will be installed --> Processing Dependency: openssl(x86-64) = 1:1.0.1k-15.99.amzn1 for package: 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 --> Running transaction check ---> Package krb5-devel.x86_64 0:1.14.1-27.41.amzn1 will be installed --> Processing Dependency: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 for package: krb5-devel-1.14.1-27.41.amzn1.x86_64 ---> Package libkadm5.x86_64 0:1.14.1-27.41.amzn1 will be installed --> Processing Dependency: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 for package: libkadm5-1.14.1-27.41.amzn1.x86_64 ---> Package libsepol-devel.x86_64 0:2.1.7-3.12.amzn1 will be installed ---> Package openssl-devel.x86_64 1:1.0.1k-15.99.amzn1 will be installed --> Processing Dependency: openssl(x86-64) = 1:1.0.1k-15.99.amzn1 for package: 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 --> Finished Dependency Resolution Error: Package: libkadm5-1.14.1-27.41.amzn1.x86_64 (amzn-main) Requires: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 Installed: krb5-libs-1.15.1-8.43.amzn1.x86_64 (@amzn-updates/latest) krb5-libs(x86-64) = 1.15.1-8.43.amzn1 Available: krb5-libs-1.14.1-27.41.amzn1.x86_64 (amzn-main) krb5-libs(x86-64) = 1.14.1-27.41.amzn1 Error: Package: krb5-devel-1.14.1-27.41.amzn1.x86_64 (amzn-main) Requires: krb5-libs(x86-64) = 1.14.1-27.41.amzn1 Installed: krb5-libs-1.15.1-8.43.amzn1.x86_64 (@amzn-updates/latest) krb5-libs(x86-64) = 1.15.1-8.43.amzn1 Available: krb5-libs-1.14.1-27.41.amzn1.x86_64 (amzn-main) krb5-libs(x86-64) = 1.14.1-27.41.amzn1 Error: Package: 1:openssl-devel-1.0.1k-15.99.amzn1.x86_64 (amzn-main) Requires: openssl(x86-64) = 1:1.0.1k-15.99.amzn1 Installed: 1:openssl-1.0.2k-7.103.amzn1.x86_64 (@amzn-main/latest) openssl(x86-64) = 1:1.0.2k-7.103.amzn1 Available: 1:openssl-1.0.1k-15.99.amzn1.x86_64 (amzn-main) openssl(x86-64) = 1:1.0.1k-15.99.amzn1 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest Could not install OS dependencies. Aborting bootstrap!
我知道有人說 Amazon Linux 沒有像其他發行版用於 certbot 那樣得到適當的支持,但也許有人可以幫我找出解決方法?
如果您使用的是不受支持的作業系統,那麼最好的選擇是使用 Let’s Encrypt 的第三方客戶端之一。
我個人的偏好是acme.sh。