After upgrade to IPSConfig 3.2.4 letsencrypt not working

Hi,

I have just upgrade my multi server setup, but now I have some issues with lets encrypt.
This is from the lets encrypt log:
=============
Letsencrypt.log
2021-06-02 03:04:13,486:INFO:certbot.hooks:Running post-hook command: echo '1' > /usr/local/ispconfig/server/le.restart
2021-06-02 03:04:13,494EBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/certbot", line 11, in <module>
sys.exit(main())
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1365, in main
return config.func(config, plugins)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1272, in renew
renewal.handle_renewal_request(config)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/renewal.py", line 477, in handle_renewal_request
len(renew_failures), len(parse_failures)))
Error: 4 renew failure(s), 0 parse failure(s).
=============

ispconfig_install.log:
Wed 02 Jun 2021 10:03:38 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/update.lib.php, Line 49: read in pre_update.sql
ERROR 1060 (42S21) at line 46: Duplicate column name 'folder_directive_snippets'
ERROR 1091 (42000) at line 6: Can't DROP CONSTRAINT `server_id`; check that it exists
ERROR 1064 (42000) at line 15: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''software_package'' at line 1
ERROR 1064 (42000) at line 16: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''software_repo'' at line 1
ERROR 1064 (42000) at line 17: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''software_update'' at line 1
ERROR 1064 (42000) at line 18: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''software_update_inst'' at line 1
Wed 02 Jun 2021 10:04:46 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 2555: EXECUTED: usermod -a -G ispapps www-data
Wed 02 Jun 2021 10:07:20 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3220: EXECUTED: cp -rf ../interface /usr/local/ispconfig
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3224: EXECUTED: cp -rf ../server /usr/local/ispconfig
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3231: EXECUTED: cp -rf ../security /usr/local/ispconfig
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3385: EXECUTED: chown root:root /usr/local/ispconfig
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3387: EXECUTED: chmod 755 /usr/local/ispconfig
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3391: EXECUTED: chmod -R 750 /usr/local/ispconfig/interface /usr/local/ispconfig/security /usr/local/ispconfig/server
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3395: EXECUTED: chown -R ispconfig:ispconfig /usr/local/ispconfig/interface
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3399: EXECUTED: chmod -R 755 /usr/local/ispconfig/interface/acme
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3403: EXECUTED: chown -R root:root /usr/local/ispconfig/server
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3407: EXECUTED: chown -R root:root /usr/local/ispconfig/security
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3411: EXECUTED: chown root:ispconfig /usr/local/ispconfig/security/security_settings.ini
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3413: EXECUTED: chown root:ispconfig /usr/local/ispconfig/security
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3415: EXECUTED: chown root:ispconfig /usr/local/ispconfig/security/ids.whitelist
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3417: EXECUTED: chown root:ispconfig /usr/local/ispconfig/security/ids.htmlfield
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3419: EXECUTED: chown root:ispconfig /usr/local/ispconfig/security/apache_directives.blacklist
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3421: EXECUTED: chown root:ispconfig /usr/local/ispconfig/security/nginx_directives.blacklist
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3481: EXECUTED: adduser www-data ispconfig
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3484: EXECUTED: adduser www-data ispapps
Wed 02 Jun 2021 10:07:21 PM CEST - [ISPConfig] - /tmp/ispconfig3_install/install/lib/installer_base.lib.php, Line 3498: EXECUTED: chmod +x /usr/local/ispconfig/server/scripts/create_daily_nginx_access_logs.sh /usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh /usr/local/ispconfig/server/scripts/create_jailkit_programs.sh /usr/local/ispconfig/server/scripts/create_jailkit_user.sh /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/ispconfig/server/scripts/letsencrypt_post_hook.sh /usr/local/ispconfig/server/scripts/letsencrypt_pre_hook.sh /usr/local/ispconfig/server/scripts/letsencrypt_renew_hook.sh /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/ispconfig/server/scripts/update_from_dev.sh /usr/local/ispconfig/server/scripts/update_from_dev_stable.sh /usr/local/ispconfig/server/scripts/update_from_svn.sh /usr/local/ispconfig/server/scripts/update_from_tgz.sh /usr/local/ispconfig/server/scripts/update_runner.sh /usr/local/ispconfig/server/scripts/update_stable.sh

=============

Before I upgraed is used lets encrypt with certbot. But now mabye this has been replaced with acme.sh ?
What can I do to fix this ?

Best regards
//Mr.Madsen

 

Have you now upgraded all hosts so they all run the same ISPConfig version?

 

ls: cannot access '/root/.acme*': No such file or directory :-(

apt list --installed | grep cert

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

ca-certificates/stable,stable-updates,now 20200601~deb10u2 all [installed]
python3-certifi/stable,now 2018.8.24-1 all [installed,automatic]
ssl-cert/stable,now 1.0.39 all [installed,automatic]

Very odd, I cant find the binary for letsencrypt/certbot.

root@web:/# /opt/eff.org/certbot/venv/bin/letsencrypt
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 7, in <module>
from certbot.main import main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 5, in <module>
import logging.handlers
File "/usr/lib/python2.7/logging/__init__.py", line 26, in <module>
import sys, os, time, cStringIO, traceback, warnings, weakref, collections
File "/usr/lib/python2.7/weakref.py", line 14, in <module>
from _weakref import (
ImportError: cannot import name _remove_dead_weakref
root@web:/# /opt/eff.org/certbot/venv/bin/letsencrypt


Best regards
//Mr.Madsen

 

Hi,

No, not yet. But the servers that is not updated is not webserveres.
This primary server is the webserver for now, and this server has the letsencrypt error.
I hope to get all serveres upgraded later tonight.

Best regards
//Mr.Madsen

 

Yes there is, but when I run it, it gives me this error:

user@10:~# ls -lh /opt/eff.org/certbot/venv/bin/certbot
-rwxr-xr-x 1 root root 235 Mar 26 2019 /opt/eff.org/certbot/venv/bin/certbot
-------------------
user@10:~# /opt/eff.org/certbot/venv/bin/certbot
Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/bin/certbot", line 7, in <module>
from certbot.main import main
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 5, in <module>
import logging.handlers
File "/usr/lib/python2.7/logging/__init__.py", line 26, in <module>
import sys, os, time, cStringIO, traceback, warnings, weakref, collections
File "/usr/lib/python2.7/weakref.py", line 14, in <module>
from _weakref import (
ImportError: cannot import name _remove_dead_weakref


Best regards
//Mr.Madsen

 

Hi Till, thank you so mutch. Please guide me,

I cant renember if certbot is installed within snap and Im not very fond in removing symlinks, I have done it wrong to many times.

 

.. i guess there is no symlink ?

user@10:~# ls -h /usr/bin/le
leaftoppm less lessecho lessfile lesskey lesspipe lex lexgrog

;-)

So,
1. mv /opt/eff.org /opt/eff.org_bak
2. Install from https://certbot.eff.org/ -> Debian 10 - Apache -> Follow guide with SNAP
3. Look at letsencrypt.log after errors ?

 

Hi again, okay, now im at step 6. Sorry for this post, but do you whant me to run step 6 also, or should I stop after step 5 ?

You write "until step 6"

 

IT WORKS .... thank you sooo mutch!