更新portage之后 安装 certbot
2024-09-29 21:26:45
运行的时候一直报如下的错误:
sudo certbot
错误结果:
Traceback (most recent call last):
File "/usr/lib/python-exec/python2.7/certbot", line 11, in <module>
load_entry_point('certbot==0.30.1', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 487, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
return ep.load()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2346, in load
return self.resolve()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2352, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 10, in <module>
import josepy as jose
File "/usr/lib/python2.7/site-packages/josepy/__init__.py", line 44, in <module>
from josepy.interfaces import JSONDeSerializable
File "/usr/lib/python2.7/site-packages/josepy/interfaces.py", line 8, in <module>
from josepy import errors, util
File "/usr/lib/python2.7/site-packages/josepy/util.py", line 4, in <module>
import OpenSSL
File "/usr/lib/python2.7/site-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import crypto, SSL
File "/usr/lib/python2.7/site-packages/OpenSSL/crypto.py", line 16, in <module>
from OpenSSL._util import (
File "/usr/lib/python2.7/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/lib/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 13, in <module>
from cryptography.hazmat.bindings._openssl import ffi, lib
ImportError: /usr/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so: undefined symbol: X509_get_signature_nid
搜索一圈无果
试图删除 cryptography 之后重新安装还是没用。
于是想到是不是因为openssl太旧了。
更新下
sudo emerge -u dev-libs/openssl
重新安装certbot,
sudo emerge -av app-crypt/certbot app-crypt/certbot-nginx
再次运行
sudo certbot --nginx
结果如下:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.",)
恩,虽然没成功,但是没有代码错误了
以上错误是因为 nginx 没有放到环境变量中去,我系统的真正的nginx在/opt/nginx/sbin/nginx,于是我做了个软链接。
sudo ln -s /opt/nginx/sbin/nginx /usr/local/bin/nginx
再次执行命令
sudo certbot --nginx
得到结果:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: PluginError('Nginx build is missing SSL module (--with-http_ssl_module).',)
查看nginx版本
$ nginx -V 结果:
nginx version: nginx/1.6.3
built by gcc 4.8.4 (Gentoo 4.8.4 p1.5, pie-0.6.1)
configure arguments: --prefix=/opt/nginx --with-http_geoip_module --add-module=/usr/src/passenger-4.0.53/ext/nginx
果然是没有ssl模块!
决定rebuild下nginx with ssl
下载nginx,我之前有下载过1.6.2还保留在那,于是直接进目录重新build。运行下面命令的时候最好用root权限
./configure --prefix=/opt/nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_stub_status_module --with-cc-opt=-Wno-error --with-http_geoip_module --add-module=/usr/src/passenger-4.0.53/ext/nginx
make && make install
完成, 再检查一次nginx版本,已经加上了ssl模块
$ nginx -V
结果:
nginx version: nginx/1.6.2
built by gcc 5.4.0 (Gentoo 5.4.0-r3 p1.3, pie-0.6.5)
TLS SNI support enabled
configure arguments: --prefix=/opt/nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_stub_status_module --with-cc-opt=-Wno-error --with-http_geoip_module --add-module=/usr/src/passenger-4.0.53/ext/nginx
返回最初的certbot命令再来一次, 提示我去做设置了,成功在即!
$ sudo certbot --nginx
Password:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):
跟着提示填上email,选择需要activate HTTPS 的域名。至此nginx配置成功
重启nginx出现如下错误
sudo /etc/init.d/nginx restart
Password:
* Checking nginx' configuration ... [ ok ]
* Stopping nginx ... [ ok ]
* Starting nginx ...
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] still could not bind()
* start-stop-daemon: failed to start `/opt/nginx/sbin/nginx'
* Failed to start nginx [ !! ]
* ERROR: nginx failed to start
上述错误是因为我安装shadowsocket代理的时候占用了443 端口,于是我把shadowsocket绑定的端口改成543,然后重新启动nginx。
解决办法:
sudo fuser -k 443/tcp
sudo /etc/init.d/nginx restart
最新文章
- [Java] Maven 建立 Spring MVC 工程
- The server encountered an internal error that prevented it from fulfilling this request.
- JavaScript Patterns 4.2 Callback Pattern
- hdoj4906 Our happy ending(2014 Multi-University Training Contest 4)
- jgroups 入门
- [MODx] 2. Install some useful packages into ur MODx
- HW4.10
- linux下神奇的script命令
- 快速设置IP的脚本
- Android内存泄漏监测(MAT)及解决办法
- java学习之动态代理模式
- 自己的包poi操作Excel工具
- HDU-5086-Revenge of Segment Tree
- ROJ 1166 超级贞鱼
- Swift PlayGround无限Running问题
- Ansible playbook 部署filebeat
- 关于模板引擎handlebars.js基本用法
- 2016年蓝桥杯省赛A组c++第8题(暴力求解)
- GameObject.SendMessage
- Linux-(telnet,wget)
热门文章
- Python爬虫|爬取喜马拉雅音频
- bzoj3427:[POI2013]BAJ-Bytecomputer
- 学习Spring Boot看这两个开源项目就够了!非得值得收藏的资源
- 解决:npm中 下载速度慢 和(无法将“nrm”项识别为 cmdlet、函数、脚本文件或可运行程序的名称。请检查名称的拼写,如果包括路径,请确保路径正确, 然后再试一次)。
- Codeforces Round #541 (Div. 2) A.Sea Battle
- 利用HttpClient4访问网页
- 114 Flatten Binary Tree to Linked List 二叉树转换链表
- Less学习(2)(完结)
- Nginx 开启多核cpu配置
- SVM为什么需要核函数