Using the github version of certbot (formerly letsencrypt) to get Let’s Encrypt certificates
Posted by jpluimers on 2017/01/24
The Let’s Encrypt certbot (formerly letsencrypt) had some trouble on my machinery.
When trying to test if Apache default default · Issue #3307 · certbot/certbot and opensuse Tumbleweed: Each time I run certbot, a line with
Listen 443 gets added to
/etc/apache2/httpd.conf · Issue #3364 · certbot/certbot were fixed, I had to run certbot directly using specific github branches.
git clone https://github.com/certbot/certbot.git cd certbot ./cerbot-auto <<command-line-parameters>>
But the below does:
git clone https://github.com/certbot/certbot.git cd certbot git checkout -b <<branch-name>> ./letsencrypt-auto-source/letsencrypt-auto --os-packages-only ./tools/venv.sh source venv/bin/activate cerbot <<command-line-parameters>>
The last statement will run
./venv/bin/certbot but you can also hard-code that (or perform
which certbot to verify the directory is on the pat).
I used it to test with this branch:
git checkout -b origin/osrelease_like
The above are basically steps to setup a virtualenv as mentioned in Developer Guide — Certbot 0.9.0.dev0 documentation.
To undo, just run this from the
deactivate rm -rf venv
The first statement will adjust your path and the second get rid of the virtual environment including all packages that were downloaded in it.
If you forgot to remove the
venv directory, there might be old versions hanging around named like
venv.1470590779.bak where the number in the middle is the number of seconds since unix epoch (
1970-01-01 00:00:00 UTC) which you might want to remove as well.
Inside the venv environment you can use all kinds of Python tools, for instance:
pip install ipdbafter which you can add
import ipdb;ipdb.set_trace()to any source line to break right into the Python debugger. There, it will drop you into debug console, which is pretty much fully fledged Python interpreter.
pip freezeto show all installed Python packages.
While testing, you can use the
--staging command-line-options to use the Let’s Encrypt staging-environment this prevent running into the live environment rate limits (the main ones at time of writing are a Duplicate Certificate limit of 5 certificates per week and a Certificates per Registered Domain limit of 20 per week, whichever limit is lower).