The Let’s Encrypt certbot (formerly letsencrypt) had some trouble on my machinery.
When trying to test if Apache default default · Issue #3307 · certbot/certbot and opensuse Tumbleweed: Each time I run certbot, a line with Listen 443
gets added to /etc/apache2/httpd.conf
· Issue #3364 · certbot/certbot were fixed, I had to run certbot directly using specific github branches.
Normally certbot queries https://pypi.python.org/pypi/certbot/json to install the latest sanctioned version of itself. Which means this won’t work to run the version from github:
git clone https://github.com/certbot/certbot.git cd certbot ./cerbot-auto <<command-line-parameters>>
But the below does:
git clone https://github.com/certbot/certbot.git cd certbot git checkout -b <<branch-name>> ./letsencrypt-auto-source/letsencrypt-auto --os-packages-only ./tools/venv.sh source venv/bin/activate cerbot <<command-line-parameters>>
The last statement will run ./venv/bin/certbot
but you can also hard-code that (or perform which certbot
to verify the directory is on the pat).
I used it to test with this branch:
git checkout -b origin/osrelease_like
The above are basically steps to setup a virtualenv as mentioned in Developer Guide — Certbot 0.9.0.dev0 documentation.
To undo, just run this from the certbot
directory:
deactivate rm -rf venv
The first statement will adjust your path and the second get rid of the virtual environment including all packages that were downloaded in it.
If you forgot to remove the venv
directory, there might be old versions hanging around named like venv.1470590779.bak
where the number in the middle is the number of seconds since unix epoch (1970-01-01 00:00:00 UTC
) which you might want to remove as well.
Inside the venv environment you can use all kinds of Python tools, for instance:
- Perform
pip install ipdb
after which you can addimport ipdb;ipdb.set_trace()
to any source line to break right into the Python debugger. There, it will drop you into debug console, which is pretty much fully fledged Python interpreter. - Run
pip freeze
to show all installed Python packages.
While testing, you can use the --test-cert
or --staging
command-line-options to use the Let’s Encrypt staging-environment this prevent running into the live environment rate limits (the main ones at time of writing are a Duplicate Certificate limit of 5 certificates per week and a Certificates per Registered Domain limit of 20 per week, whichever limit is lower).
–jeroen