Certbot 安装Let’s Encrypt踩坑记录

 1、ImportError: /usr/lib64/python2.7/site-packages/OpenSSL/crypto.so: symbol X509_REVOKED_dup, version libcrypto.so.10 not defined in file libcrypto.so.10 with link time reference

大致的意思就是crypto.so有问题,也查了很多版本又说OpenSSL的问题,但是我机器是环境变量的问题

[root@izufok5hmn78z ~]# certbot -version
Traceback (most recent call last):
  File "/usr/bin/certbot", line 9, in <module>
    load_entry_point('certbot==1.3.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 564, in load_entry_point
    return get_distribution(dist).load_entry_point(group, name)
  File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2662, in load_entry_point
    return ep.load()
  File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2316, in load
    return self.resolve()
  File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2322, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 2, in <module>
    from certbot._internal import main as internal_main
  File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 10, in <module>
    import josepy as jose
  File "/usr/lib/python2.7/site-packages/josepy/__init__.py", line 41, in <module>
    from josepy.interfaces import JSONDeSerializable
  File "/usr/lib/python2.7/site-packages/josepy/interfaces.py", line 7, in <module>
    from josepy import errors, util
  File "/usr/lib/python2.7/site-packages/josepy/util.py", line 7, in <module>
    import OpenSSL
  File "/usr/lib64/python2.7/site-packages/OpenSSL/__init__.py", line 36, in <module>
    from OpenSSL import crypto
ImportError: /usr/lib64/python2.7/site-packages/OpenSSL/crypto.so: symbol X509_REVOKED_dup, version libcrypto.so.10 not defined in file libcrypto.so.10 with link time reference
[root@izufok5hmn78z ~]# 

查找原因:找到这个外连接,是有个LD_LIBRARY_PATH 环境变量在控制,libssl.so.10已经指向了其他位置。

正确位置应该是:libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007ff603c7f000)

[root@izufok5hmn78z OpenSSL]# cd /usr/lib64/python2.7/site-packages/OpenSSL/
[root@izufok5hmn78z OpenSSL]# ldd crypto.so 
        linux-vdso.so.1 =>  (0x00007fff3875e000)
        libssl.so.10 => /xxxxxxxxxxxxxx/4.1.1/lib/libssl.so.10 (0x00007f2050486000)
        libcrypto.so.10 => /xxxxxxxxxxxx/4.1.1/lib/libcrypto.so.10 (0x00007f205009b000)
        libpython2.7.so.1.0 => /lib64/libpython2.7.so.1.0 (0x00007f204fcc6000)
        libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f204faaa000)
        libc.so.6 => /lib64/libc.so.6 (0x00007f204f6e8000)
        libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f204f49b000)
        libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f204f1b3000)
        libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f204efae000)
        libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f204ed7b000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f204eb77000)
        libz.so.1 => /lib64/libz.so.1 (0x00007f204e960000)
        libutil.so.1 => /lib64/libutil.so.1 (0x00007f204e75d000)
        libm.so.6 => /lib64/libm.so.6 (0x00007f204e45b000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f205090d000)
        libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f204e24c000)
        libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f204e048000)
        libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f204de2e000)
        libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f204dc06000)
        libpcre.so.1 => /lib64/libpcre.so.1 (0x00007f204d9a4000)
[root@izufok5hmn78z OpenSSL]# echo $LD_LIBRARY_PATH 
/xxxxxxxxxxxxxxxxxxxx/4.1.1/lib/

解决办法:每个人环境不同可能改变方式不同,我的是因为LD_LIBRARY_PATH 环境变量控制,临时用的话直接设置为空即可

[root@izufok5hmn78z OpenSSL]# export LD_LIBRARY_PATH=""
[root@izufok5hmn78z OpenSSL]# echo $LD_LIBRARY_PATH 

[root@izufok5hmn78z OpenSSL]# 

2、ImportError: cannot import name UnrewindableBodyError,借用别人一张图

解决办法:重装urllib3库

pip uninstall urllib3
pip install urllib3

3、certbot pkg_resources.DistributionNotFound: The 'urllib3<1.23,>=1.21.1' distribution was not found and is required by requests 

解决办法:直接运行 # easy_install urllib3==1.21.1

4、ImportError: 'pyOpenSSL' module missing required functionality. Try upgrading to v0.14 or newer.

应该是pyOpenSSL版本和依赖有问题。参考https://github.com/certbot/certbot/issues/5534

pip install --upgrade --force-reinstall 'requests==2.6.0'

如果执行失败,那先安装依赖包,因为我百度都试了一遍,最终成功的是上面这句

yum install -y python-devel
yum install -y openssl-devel
pip install pyOpenSSL

 

最后,certbot运行成功

[root@izufok5hmn78z OpenSSL]# certbot --version
certbot 1.3.0
[root@izufok5hmn78z OpenSSL]# 

 

  • 0
    点赞
  • 0
    收藏
  • 打赏
    打赏
  • 2
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
©️2022 CSDN 皮肤主题:大白 设计师:CSDN官方博客 返回首页
评论 2

打赏作者

格來羙、日出

你的鼓励将是我创作的最大动力

¥2 ¥4 ¥6 ¥10 ¥20
输入1-500的整数
余额支付 (余额:-- )
扫码支付
扫码支付:¥2
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值