Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Errors with AWS Let's Encrypt with Certbot on Amazon Linux 2 tutorial

0

Hi, I'm trying to follow the Let's Encrypt tutorial here, following the steps to the letter, however these instructions do not work.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#letsencrypt

I've set a new EB instance using PHP 7.3 running on 64bit Amazon Linux/2.9.13. SSH'd in, commands are all fine until the apache restart command:

sudo systemctl restart httpd
sudo: systemctl: command not found

Restarting Apache via other means works, but then when attempting to install certbot I'm seeing errors - missing dependencies:

sudo yum install -y certbot python2-certbot-apache
Error: Package: python2-six-1.9.0-0.el7.noarch (epel)
Requires: python-six >= 1.9.0
Available: python26-six-1.8.0-1.23.amzn1.noarch (amzn-main)
python-six = 1.8.0-1.23.amzn1
Error: Package: python2-josepy-1.3.0-2.el7.noarch (epel)
Requires: python2-setuptools
Error: Package: python2-certbot-apache-1.11.0-1.el7.noarch (epel-testing)
Requires: python-augeas
Error: Package: python2-certbot-1.11.0-1.el7.noarch (epel-testing)
Requires: python2-cryptography >= 1.2.3
Error: Package: python2-six-1.9.0-0.el7.noarch (epel)
Requires: python-six >= 1.9.0
Installing: python26-six-1.8.0-1.23.amzn1.noarch (amzn-main)
python-six = 1.8.0-1.23.amzn1
Error: Package: certbot-1.11.0-1.el7.noarch (epel-testing)
Requires: systemd
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: pyOpenSSL >= 0.13.1
Installing: python26-pyOpenSSL-0.10-2.8.amzn1.x86_64 (amzn-main)
pyOpenSSL = 0.10-2.8.amzn1
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: python2-pyasn1
Error: Package: python2-requests-2.6.0-0.el7.noarch (epel)
Requires: python-requests >= 2.6.0
Installing: python26-requests-1.2.3-5.10.amzn1.noarch (amzn-main)
python-requests = 1.2.3-5.10.amzn1
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: python2-cryptography
Error: Package: python2-josepy-1.3.0-2.el7.noarch (epel)
Requires: python2-cryptography
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: pyOpenSSL >= 0.13.1
Available: python26-pyOpenSSL-0.10-2.8.amzn1.x86_64 (amzn-main)
pyOpenSSL = 0.10-2.8.amzn1
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest

Note: I've tried both "you could try..." suggestions, but neither make any difference, and an attempt to run certbot confirms it's definitely not installed.

Until now I'd been using certbot-auto with success, however the deprecation of that has got me in a bit of a bind. It's really frustrating when the AWS docs don't actually yield results, so any help would be really appreciated!

Edited by: jwbrown83 on Jan 11, 2021 11:36 PM

Themen
Kalkulation
Tags
Amazon EC2
Sprache
English
jwbrown83
gefragt vor 3 Jahren672 Aufrufe
3 Antworten
0

Hi there,

The ".amzn1" identifier in the version strings that yum is reporting back indicates that you've deployed an EC2 instance using our previous generation Amazon Linux AMI (https://aws.amazon.com/amazon-linux-ami/) which has now reached its end-of-life, while the walkthrough you're referring to is specific to Amazon Linux 2 (https://aws.amazon.com/amazon-linux-2/) instances only.

You'll need to terminate your EB environment and recreate a new one.
Make sure that the new platform you deploy is using a 2.0.* AMI and not one versioned 2018.03.
https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html

I hope you find this advice helpful, otherwise please get in touch with Premium Support for further assistance.
https://aws.amazon.com/premiumsupport/

Regards,
Andrew

AWS
AWS-User-7363699
beantwortet vor 3 Jahren
0

Furthermore, if you're using an Elastic Load Balancer in your Elastic Beanstalk environment, you can actually request and deploy a free SSL certificate to it using the AWS Certificate Manager (https://aws.amazon.com/certificate-manager/) instead of going through the extra effort of setting up Let's Encrypt to run within your EC2 instance.

AWS
AWS-User-7363699
beantwortet vor 3 Jahren
0

I've considered that, but the extra cost of running the LB seems a bit prohibitive, thanks though!

jwbrown83
beantwortet vor 3 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt