Amazon-Ec2

如何在 Amazon Linux 2 上安裝 certbot

  • October 1, 2021

我有一個執行 Amazon Linux 第 2 版 (Karoo) 的 EC2 虛擬機 我怎樣才能獲得certbot

它附帶awscli安裝的工具,這些工具似乎與certbotin epel 不兼容:

$ sudo bash
# yum install -y epel-release
# yum-config-manager --enable epel
# yum install certbot certbot-dns-route53
# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d mysite.com
An unexpected error occurred:
ContextualVersionConflict: (botocore 1.13.36 (/usr/lib/python2.7/site-packages), Requirement.parse('botocore<1.6.0,>=1.5.0'), set(['boto3']))
Please see the logfile '/tmp/tmpVO1RPd/log' for more details.

此處簡要討論:https ://community.letsencrypt.org/t/contextualversionconflict-botocore-1-12-92/94922和此處:https ://unix.stackexchange.com/questions/415874/certbot-and- awscli-require-different-versions-of-botocore/456362#456362但這些修復對我不起作用(我想同時擁有 awscli)。

所以我嘗試將它安裝在 Python venv 中,這樣我就可以擁有 certbot 和 awscli,但我得到了這個:

$ sudo bash
# yum install pip
# pip install virtualenv
# virtualenv env
# source env/bin/activate
# pip install certbot certbot-dns-route53
# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d mysite.com
Traceback (most recent call last):
 File "/home/ec2-user/certbot-venv/env/bin/certbot", line 5, in <module>
   from certbot.main import main
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/main.py", line 2, in <module>
   from certbot._internal import main as internal_main
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/_internal/main.py", line 21, in <module>
   from certbot._internal import cert_manager
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/_internal/cert_manager.py", line 16, in <module>
   from certbot._internal import storage
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/certbot/_internal/storage.py", line 79, in <module>
   def add_time_interval(base_time, interval, textparser=parsedatetime.Calendar()):
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/parsedatetime/__init__.py", line 270, in __init__
   self.ptc = Constants()
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/parsedatetime/__init__.py", line 2381, in __init__
   self.locale = get_icu(self.localeID)
 File "/home/ec2-user/certbot-venv/env/lib/python2.7/site-packages/parsedatetime/pdt_locales/icu.py", line 56, in get_icu
   result['icu'] = icu = pyicu.Locale(locale)
AttributeError: 'module' object has no attribute 'Locale'

有誰知道如何解決?我嘗試安裝一些與語言環境相關的不同東西,但還沒有運氣。

蟒蛇 3

這對我有用:

yum groupinstall -y "Development Tools"
yum install -y python3-devel libicu-devel
python3 -m venv /opt/certbot-venv
cd /opt/certbot-venv
source bin/activate
pip install --upgrade certbot certbot-dns-route53 pyicu-binary

然後執行它:

source /opt/certbot-venv/bin/activate
certbot renew ...

蟒蛇2

警告:這將為您提供舊版本的 certbot

這可能是依賴庫“parsedatetime”中的錯誤。我在https://github.com/bear/parsedatetime/issues/251有一個更新檔,它為我解決了這個問題。

以下現在對我有用:

yum install -y python-pip
pip install --upgrade pip
pip install virtualenv pipenv
mkdir /opt/certbot-venv && cd /opt/certbot-venv
virtualenv .
source bin/activate
pip install --upgrade certbot certbot-dns-route53 pyicu-binary

cat >parsedatetime-patch <<'END'
index e09f517..c6f277d 100644
--- a/parsedatetime/pdt_locales/icu.py
+++ b/parsedatetime/pdt_locales/icu.py
@@ -12,13 +12,7 @@ try:
except NameError:
    pass

-try:
-    import icu as pyicu
-except ImportError:
-    try:
-        import PyICU as pyicu
-    except ImportError:
-        pyicu = None
+import PyICU as pyicu


def icu_object(mapping):
END
( cd lib/python2.7/site-packages ; git apply ../../../parsedatetime-patch )

(我想知道使用 pip 將 parsedatetime 降級到舊版本是否比修補其原始碼更可靠,但這對我有用。)

在@Michael Hampton 的建議下,我切換到了 CentOS 7 ( https://aws.amazon.com/marketplace/pp/B00O7WM7QW ),它幾乎可以開箱即用。

以下幾乎有效:

$ sudo bash
# yum install -y awscli certbot certbot-dns-route53

# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d myapp.com
An unexpected error occurred:
DistributionNotFound: futures>=2.2.0,<4.0.0

# yum install python2-pip
# pip install futures

# certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d myapp.com
... now works

# aws sts get-caller-identity
... also works

…實際上,awscli in 的版本yum很舊,並且缺少一些 AWS 命令​​。我已經通過 pip 重新安裝了它,它是一個較新的版本。

但後來我得到https://github.com/certbot/certbot/issues/6328

AttributeError: 'module' object has no attribute 'pyopenssl'

引用自:https://serverfault.com/questions/1021224