By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Errors with AWS Let's Encrypt with Certbot on Amazon Linux 2 tutorial

0

Hi, I'm trying to follow the Let's Encrypt tutorial here, following the steps to the letter, however these instructions do not work.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#letsencrypt

I've set a new EB instance using PHP 7.3 running on 64bit Amazon Linux/2.9.13. SSH'd in, commands are all fine until the apache restart command:

sudo systemctl restart httpd
sudo: systemctl: command not found

Restarting Apache via other means works, but then when attempting to install certbot I'm seeing errors - missing dependencies:

sudo yum install -y certbot python2-certbot-apache
Error: Package: python2-six-1.9.0-0.el7.noarch (epel)
Requires: python-six >= 1.9.0
Available: python26-six-1.8.0-1.23.amzn1.noarch (amzn-main)
python-six = 1.8.0-1.23.amzn1
Error: Package: python2-josepy-1.3.0-2.el7.noarch (epel)
Requires: python2-setuptools
Error: Package: python2-certbot-apache-1.11.0-1.el7.noarch (epel-testing)
Requires: python-augeas
Error: Package: python2-certbot-1.11.0-1.el7.noarch (epel-testing)
Requires: python2-cryptography >= 1.2.3
Error: Package: python2-six-1.9.0-0.el7.noarch (epel)
Requires: python-six >= 1.9.0
Installing: python26-six-1.8.0-1.23.amzn1.noarch (amzn-main)
python-six = 1.8.0-1.23.amzn1
Error: Package: certbot-1.11.0-1.el7.noarch (epel-testing)
Requires: systemd
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: pyOpenSSL >= 0.13.1
Installing: python26-pyOpenSSL-0.10-2.8.amzn1.x86_64 (amzn-main)
pyOpenSSL = 0.10-2.8.amzn1
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: python2-pyasn1
Error: Package: python2-requests-2.6.0-0.el7.noarch (epel)
Requires: python-requests >= 2.6.0
Installing: python26-requests-1.2.3-5.10.amzn1.noarch (amzn-main)
python-requests = 1.2.3-5.10.amzn1
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: python2-cryptography
Error: Package: python2-josepy-1.3.0-2.el7.noarch (epel)
Requires: python2-cryptography
Error: Package: python2-acme-1.11.0-1.el7.noarch (epel-testing)
Requires: pyOpenSSL >= 0.13.1
Available: python26-pyOpenSSL-0.10-2.8.amzn1.x86_64 (amzn-main)
pyOpenSSL = 0.10-2.8.amzn1
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest

Note: I've tried both "you could try..." suggestions, but neither make any difference, and an attempt to run certbot confirms it's definitely not installed.

Until now I'd been using certbot-auto with success, however the deprecation of that has got me in a bit of a bind. It's really frustrating when the AWS docs don't actually yield results, so any help would be really appreciated!

Edited by: jwbrown83 on Jan 11, 2021 11:36 PM

Topics
Compute
Tags
Amazon EC2
Language
English
jwbrown83
asked 3 years ago661 views
3 Answers
0

Hi there,

The ".amzn1" identifier in the version strings that yum is reporting back indicates that you've deployed an EC2 instance using our previous generation Amazon Linux AMI (https://aws.amazon.com/amazon-linux-ami/) which has now reached its end-of-life, while the walkthrough you're referring to is specific to Amazon Linux 2 (https://aws.amazon.com/amazon-linux-2/) instances only.

You'll need to terminate your EB environment and recreate a new one.
Make sure that the new platform you deploy is using a 2.0.* AMI and not one versioned 2018.03.
https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html

I hope you find this advice helpful, otherwise please get in touch with Premium Support for further assistance.
https://aws.amazon.com/premiumsupport/

Regards,
Andrew

AWS
AWS-User-7363699
answered 3 years ago
0

Furthermore, if you're using an Elastic Load Balancer in your Elastic Beanstalk environment, you can actually request and deploy a free SSL certificate to it using the AWS Certificate Manager (https://aws.amazon.com/certificate-manager/) instead of going through the extra effort of setting up Let's Encrypt to run within your EC2 instance.

AWS
AWS-User-7363699
answered 3 years ago
0

I've considered that, but the extra cost of running the LB seems a bit prohibitive, thanks though!

jwbrown83
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content