After upgrading one of our servers to Debian 10 ‘Buster’ the letsencrypt CRON job reported this error:
Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
from certbot.main import main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 6, in <module>
import logging.handlers
File "/usr/lib/python2.7/logging/__init__.py", line 26, in <module>
import sys, os, time, cStringIO, traceback, warnings, weakref, collections
File "/usr/lib/python2.7/weakref.py", line 14, in <module>
from _weakref import (
ImportError: cannot import name _remove_dead_weakrefOne of the upgrades in Debian 10 is a Python upgrade to v3.7.2. This caused my certbot renewal to break.
How to fix the error:
sudo apt updateNext, install the dependencies for the python3-certbot-nginx package, which include the python3-acme, python3-certbot, python3-mock, python3-openssl, python3-pkg-resources, python3-pyparsing, and python3-zope.interface packages
sudo apt install python3-acme python3-certbot python3-mock python3-openssl python3-pkg-resources python3-pyparsing python3-zope.interface
Finally, install the python3-certbot-nginx package:
sudo apt install python3-certbot-nginx
To verify that your certbot is working properly:
certbot renew --dry-run
Don’t forget to check your Cron jobs…
In my case – the old Cron job for Let’s Encrypt renewals remained broken, so I disabled it and created a new one.
Old Cron:
/opt/letsencrypt/letsencrypt-auto renew >> /var/log/le-renew.logNew Cron:
certbot renew >> /var/log/le-renew.log
