Bench lets-encrypt setup failing

Whenever I run the following command - it shows that it works, however ssl cert files are never created, which breaks my nginx config.

sudo -H bench setup lets-encrypt erp.mysite.com

Have you checked the log files? What was the “success” message running the command?

What I normally do is:
sudo -H bench setup lets-encrypt erp.mysite.com --custom-domain erp.mysite.com

virtualenv: error: unrecognized arguments: --no-site-packages
Traceback (most recent call last):
File “”, line 27, in
File “”, line 19, in create_venv
File “/usr/lib/python2.7/subprocess.py”, line 190, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command ‘[‘virtualenv’, ‘–no-site-packages’, ‘–python’, ‘/usr/bin/python2.7’, ‘/opt/eff.org/certbot/venv’]’ returned non-zero exit status 2

1 Like

This is what I think is causing the problem I believe. When I follow all the prompts, it does everything except create the pem files in /etc/letsencrypt, so the file references in the nginx.conf file are no longer valid

same problem with me

Has anyone found a solution to this problem?

Hello

The problems comes because lets encrypt is no longer supporting certbot-auto, there is problem in setting up the environment .
This will try to configure the environment for certbot-auto to run.
sudo -H bench setup lets-encrypt erp.mysite.com --custom-domain erp.mysite.com

The nginx config files will be modified but the cert will not be created
See: https://github.com/frappe/bench/issues/1073

For now i have found two workarounds:

  1. run this command: USE_PYTHON_3=1 /opt/certbot-auto
    This will install the certbot-auto environment, and then you can request to create the cert…

  2. Follow the certbot installation instructions:
    https://certbot.eff.org/lets-encrypt/ubuntufocal-other
    For ubuntu:
    Stop the nginx service: sudo service nginx stop
    Install cerbot: sudo snap install --classic certbot
    Generate cert: sudo certbot certonly --standalone

In both steps the cert will be created in the same dir /etc/letsencrypt/…
Which is the same dir is configured when running
sudo -H bench setup lets-encrypt

So then you only need to do:
sudo service nginx start
sudo service nginx reload

14 Likes

Thank you very much. As I set up today a new development-server I run into the same issues. Your solution (#2) did the trick for me.

3 Likes

Thank you very much. Solution #2 also works for me.

1 Like

Thank you very much

Option 2 worked for me

any idea for below error

sanath@vmi322735:~$ sudo service nginx start
Job for nginx.service failed because the control process exited with error code.
See “systemctl status nginx.service” and “journalctl -xe” for details.
sanath@vmi322735:~$ systemctl status nginx.service
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en
Active: failed (Result: exit-code) since Tue 2020-11-24 12:33:31 CET; 29s ago
Docs: man:nginx(8)
Process: 3782 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process
lines 1-5/5 (END)

I posted another workaround here:

2 Likes