AWS: Your system is not supported by certbot-auto anymore

Question

Trying to renew letsencript on Amazon Linux 2 using certbot and I get the following message:

Your system is not supported by certbot-auto anymore. Certbot cannot be installed.

I am totally lost and I do not know what to do. I cannot find any exhaustive documentation that gives a solution.

we need to build the solution, it think its too near Nov2020 when el6 hit EOL. It needs python27 based system, and el6 is python26 in general i think. you can put python27 on there, but run into issues still, because certbot has some kind of blocker. I do have one working el6 implementation using virtulenv, so maybe setup as developer for now until a better solution is found. — blamb, Jan 29 '21 at 00:41
certbot-auto now gives errors: `...is not suported on this system` (or alike). You need to install `certbot` package from official repos. [See here](https://certbot.eff.org/docs/install.html#operating-system-packages) — TechnicalGuru, Dec 11 '20 at 09:18

score 7 · Answer 1 · answered Nov 02 '20 at 17:03

According to https://community.letsencrypt.org/t/certbot-1-9-0-release/135414 :

Changed
certbot-auto was deprecated on all systems except for those based on Debian or RHEL.

And from this website: https://community.letsencrypt.org/t/fail-to-detect-amazon-linux-2-certbot/136140

The best chance to get Certbot working on Amazon Linux 2 is to install the rpm from EPEL as described here: https://aws.amazon.com/blogs/compute/extending-amazon-linux-2-with-epel-and-lets-encrypt/

score 5 · Accepted Answer · answered Dec 13 '20 at 23:42

5

Here is instructions on how to install certbot on any system: https://certbot.eff.org/instructions

Particularly for Ubuntu 18.04 with Nginx webserver I was able to install certbot using the following commands:

snap install core
snap refresh core
snap install --classic certbot

Then you can run certbot using certbot command

answered Dec 13 '20 at 23:42

AlexT

134
1
3

this may be outdated already? their instructions are still good, then when you follow then, and install successfully, when you first run it you get this error. also an FYI, snapd wont work on el6, its for el7/systemd i think. – blamb Jan 29 '21 at 00:51

score 4 · Answer 3 · answered Jan 14 '21 at 20:57

4

What worked for me was to follow this part from Extending Amazon Linux 2 with EPEL official docs:

cd /tmp
wget -O epel.rpm –nv \
https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo yum install -y ./epel.rpm
sudo yum install python2-certbot-apache.noarch

After that, certbot renew started to work.

answered Jan 14 '21 at 20:57

Ivan Aracki

4,861
11
59
73

I think this answer is more for an el7, where the OP i think is for an el6, where that error is generated . Your solution requires systemd, and python parts that wont exist in an el6 (centos6 anyway) – blamb Jan 29 '21 at 00:28

score 4 · Answer 4 · edited Jan 20 '21 at 17:11

4

We dropped certbot altogether on our amazon linux as we couldn't install snapd. We are using getssl (another acme client) and it is looking good. getssl on github

edited Jan 20 '21 at 17:11

Suraj Rao

29,388
11
94
103

answered Jan 20 '21 at 17:03

goelectric

320
3
10

3

Thanks to this note. I gave up on certbot and used getssl as well. I have documented my journey here in case it helps someone - https://millionclues.com/tutorials/lets-encrypt-on-amazon-aws-ec2-with-getssl/ – Arun Basil Lal Mar 05 '21 at 16:56
@ArunBasilLal Thanks, that was a great writeup – Regneel Apr 01 '21 at 21:32

score 1 · Answer 5 · answered Dec 04 '20 at 12:27

For Ubuntu 16.04, Let’s Encrypt client (certbot). Reset or set up a new AWS Instance(Linux).

sudo apt install software-properties-common

sudo add-apt-repository ppa:certbot/certbot

sudo apt update

sudo apt install certbot python3-certbot-nginx

To check version number, run

certbot --version

Sample output:

certbot 0.31.0

The below command only works when port 80 is open AWS

sudo certbot --nginx --agree-tos --redirect --uir --hsts --staple-ocsp --must-staple -d www.example.com,example.com --email you@example.com

score 1 · Answer 6 · answered Jun 08 '21 at 20:36

You'll have to install certbot instead of certbot-auto

The official certbot docs recommend installing it using snapd but unfortunately you cannot install snapd on Amazon Linux 2 due to some missing selinux dependencies

You have 2 options at this point

Install it using epel-extras (easier but older certbot)

Remove certbot-auto first

sudo amazon-linux-extras install epel
sudo yum install -y certbot python-certbot-dns-route53

Install it using pip (a little complicated but you get the latest certbot)

Remove certbot-auto
Make sure you have python3 and pip installed

sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip
sudo /opt/certbot/bin/pip install certbot
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
sudo /opt/certbot/bin/pip install certbot-dns-route53

And how to use it after install? How to get certificate & renew? — Victor Nikitin, Sep 06 '21 at 15:18