Install Certbot in Red Hat Enterprise Linux 8 manually

Question

I'm just using Red Hat Enterprise Linux 8 and the EPEL release ver 8 not released yet. So I choose manual installation and following this step:

https://certbot.eff.org/lets-encrypt/pip-nginx

And I always getting this Error

sudo /usr/local/bin/certbot-auto certonly --nginx --verbose --debug
[sudo] password for haidarvm: 
Bootstrapping dependencies for RedHat-based OSes... (you can skip this with --no-bootstrap)
dnf is /bin/dnf
dnf is hashed (/bin/dnf)
Updating Subscription Management repositories.
Last metadata expiration check: 2:06:59 ago on Jum 12 Jul 2019 06:04:00  +08.
Package gcc-8.2.1-3.5.el8.x86_64 is already installed.
Package augeas-libs-1.10.1-8.el8.x86_64 is already installed.
Package openssl-1:1.1.1-8.el8.x86_64 is already installed.
Package openssl-devel-1:1.1.1-8.el8.x86_64 is already installed.
Package libffi-devel-3.1-18.el8.x86_64 is already installed.
Package redhat-rpm-config-116-1.el8.noarch is already installed.
Package ca-certificates-2018.2.24-6.el8.noarch is already installed.
Package python2-libs-2.7.15-22.module+el8.0.0+2961+596d0223.x86_64 is already installed.
Package python2-setuptools-39.0.1-11.module+el8.0.0+2961+596d0223.noarch is already installed.
Package python2-devel-2.7.15-22.module+el8.0.0+2961+596d0223.x86_64 is already installed.
Package python2-virtualenv-15.1.0-18.module+el8.0.0+2961+596d0223.noarch is already installed.
Package python2-tools-2.7.15-22.module+el8.0.0+2961+596d0223.x86_64 is already installed.
Package python2-pip-9.0.3-13.module+el8.0.0+2961+596d0223.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
Creating virtual environment...
Traceback (most recent call last):
  File "<stdin>", line 27, in <module>
  File "<stdin>", line 19, in create_venv
  File "/usr/lib64/python2.7/subprocess.py", line 185, in check_call
    retcode = call(*popenargs, **kwargs)
  File "/usr/lib64/python2.7/subprocess.py", line 172, in call
    return Popen(*popenargs, **kwargs).wait()
  File "/usr/lib64/python2.7/subprocess.py", line 394, in __init__
    errread, errwrite)
  File "/usr/lib64/python2.7/subprocess.py", line 1047, in _execute_child
    raise child_exception
OSError: [Errno 2] No such file or directory

My System Details is :

Static hostname: xxx.xxx.xxx
         Icon name: computer-vm
           Chassis: vm
    Virtualization: kvm
  Operating System: Red Hat Enterprise Linux 8.0 (Ootpa)
       CPE OS Name: cpe:/o:redhat:enterprise_linux:8.0:GA
            Kernel: Linux 4.18.0-80.4.2.el8_0.x86_64
      Architecture: x86-64

Is Anyone tried Certbot with RHEL 8 ?

Answer 1

Certbot is fully supported under RHEL/CentOS 8 now. Just run

wget https://dl.eff.org/certbot-auto
chmod +x certbot-auto

For apache

./certbot-auto --apache

For nginx

./certbot-auto --nginx

It installed on my CentOS 8 minimal installation:

Package openssl-1:1.1.1-8.el8.x86_64 is already installed.
Package ca-certificates-2018.2.24-6.el8.noarch is already installed.
Dependencies resolved.
=========================================================================================================
 Package                     Arch        Version                                    Repository      Size
=========================================================================================================
Installing:
 gcc                         x86_64      8.2.1-3.5.el8                              AppStream       23 M
 python3-virtualenv          noarch      15.1.0-18.module_el8.0.0+33+0a10c0e1       AppStream      1.7 M
 python36                    x86_64      3.6.8-2.module_el8.0.0+33+0a10c0e1         AppStream       19 k
 python36-devel              x86_64      3.6.8-2.module_el8.0.0+33+0a10c0e1         AppStream       16 k
 redhat-rpm-config           noarch      116-1.el8.0.1                              AppStream       82 k
 augeas-libs                 x86_64      1.10.1-8.el8                               BaseOS         392 k
 libffi-devel                x86_64      3.1-18.el8                                 BaseOS          28 k
 openssl-devel               x86_64      1:1.1.1-8.el8                              BaseOS         2.3 M

and a lot more packages as dependencies, including the above mentioned python3-virtualenv. Follow certbot documentation for further help.

Answer 2

I'm getting help from Brad Warren member of certbot: https://github.com/certbot/certbot/issues/7241

He help me just a simple single command by installing :

$ sudo dnf install python3-virtualenv

And Everything runs fine and smooth, here's the result :

sudo /usr/local/bin/certbot-auto --nginx --verbose --debug

Nothing to do.
Complete!
Creating virtual environment...
Running virtualenv with interpreter /bin/python2.7
New python executable in /opt/eff.org/certbot/venv/bin/python2.7
Also creating executable in /opt/eff.org/certbot/venv/bin/python
Installing setuptools, pip, wheel...done.
Installing Python packages...

Collecting ConfigArgParse==0.14.0 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 7))
  Downloading https://files.pythonhosted.org/packages/55/ea/f0ade52790bcd687127a302b26c1663bf2e0f23210d5281dbfcd1dfcda28/ConfigArgParse-0.14.0.tar.gz
Collecting asn1crypto==0.24.0 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 9))
  Downloading https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl (101kB)
    100% |████████████████████████████████| 102kB 30.5MB/s 
Collecting certifi==2019.3.9 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 12))
  Downloading https://files.pythonhosted.org/packages/60/75/f692a584e85b7eaba0e03827b3d51f45f571c2e793dd731e598828d380aa/certifi-2019.3.9-py2.py3-none-any.whl (158kB)
    100% |████████████████████████████████| 163kB 68.6MB/s 
Collecting cffi==1.12.2 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 15))
  Downloading https://files.pythonhosted.org/packages/9d/6f/aea9f5559fb593da07ff34e67513bd62483b45715b4a5f5fae6a0a5792ea/cffi-1.12.2-cp27-cp27mu-manylinux1_x86_64.whl (413kB)
    100% |████████████████████████████████| 419kB 19.6MB/s 
Collecting chardet==3.0.4 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 44))
  Downloading https://files.pythonhosted.org/packages/bc/a9/01ffebfb562e4274b6487b4bb1ddec7ca55ec7510b22e4c51f14098443b8/chardet-3.0.4-py2.py3-none-any.whl (133kB)
    100% |████████████████████████████████| 143kB 51.9MB/s 
Collecting configobj==5.0.6 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 47))
  Downloading https://files.pythonhosted.org/packages/64/61/079eb60459c44929e684fa7d9e2fdca403f67d64dd9dbac27296be2e0fab/configobj-5.0.6.tar.gz
Collecting cryptography==2.6.1 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 49))
  Downloading https://files.pythonhosted.org/packages/c3/c1/cf8665c955c9393e9ff0872ba6cd3dc6f46ef915e94afcf6e0410508ca69/cryptography-2.6.1-cp27-cp27mu-manylinux1_x86_64.whl (2.3MB)
    100% |████████████████████████████████| 2.3MB 46.4MB/s 
Collecting enum34==1.1.6 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 71))
  Downloading https://files.pythonhosted.org/packages/c5/db/e56e6b4bbac7c4a06de1c50de6fe1ef3810018ae11732a50f15f62c7d050/enum34-1.1.6-py2-none-any.whl
Collecting funcsigs==1.0.2 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 76))
  Downloading https://files.pythonhosted.org/packages/69/cb/f5be453359271714c01b9bd06126eaf2e368f1fddfff30818754b5ac2328/funcsigs-1.0.2-py2.py3-none-any.whl
Collecting future==0.17.1 (from -r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 79))
  Downloading https://files.pythonhosted.org/packages/90/52/e20466b85000a181e1e144fd8305caf2cf475e2f9674e797b222f8105f5f/future-0.17.1.tar.gz (829kB)
    100% |████████████████████████████████| 829kB 70.0MB/s 
....
Requirement already satisfied: setuptools>=1.0 in /opt/eff.org/certbot/venv/lib/python2.7/site-packages (from josepy==1.1.0->-r /tmp/tmp.B6Gcl1HiRV/letsencrypt-auto-requirements.txt (line 87))
Installing collected packages: ConfigArgParse, asn1crypto, certifi, pycparser, cffi, chardet, six, configobj, enum34, ipaddress, cryptography, funcsigs, future, idna, pyOpenSSL, josepy, pbr, mock, parsedatetime, pytz, pyRFC3339, pyparsing, python-augeas, urllib3, requests, requests-toolbelt, zope.interface, zope.proxy, zope.deferredimport, zope.deprecation, zope.hookable, zope.event, zope.component, acme, certbot, letsencrypt, certbot-apache, certbot-nginx
  Running setup.py install for ConfigArgParse ... done
  Running setup.py install for pycparser ... done
  Running setup.py install for configobj ... done
  Running setup.py install for future ... done
  Running setup.py install for python-augeas ... done
  Running setup.py install for zope.proxy ... done
  Running setup.py install for zope.hookable ... done
Successfully installed ConfigArgParse-0.14.0 acme-0.36.0 asn1crypto-0.24.0 certbot-0.36.0 certbot-apache-0.36.0 certbot-nginx-0.36.0 certifi-2019.3.9 cffi-1.12.2 chardet-3.0.4 configobj-5.0.6 cryptography-2.6.1 enum34-1.1.6 funcsigs-1.0.2 future-0.17.1 idna-2.8 ipaddress-1.0.22 josepy-1.1.0 letsencrypt-0.7.0 mock-1.3.0 parsedatetime-2.4 pbr-5.1.3 pyOpenSSL-19.0.0 pyRFC3339-1.1 pycparser-2.19 pyparsing-2.3.1 python-augeas-0.5.0 pytz-2018.9 requests-2.21.0 requests-toolbelt-0.9.1 six-1.12.0 urllib3-1.24.2 zope.component-4.5 zope.deferredimport-4.3 zope.deprecation-4.4.0 zope.event-4.4 zope.hookable-4.2.0 zope.interface-4.6.0 zope.proxy-4.3.1
Installation succeeded.
Root logging level set at 10
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requested authenticator nginx and installer nginx
Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f22224214d0>
Prep: True
Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f22224214d0>
Prep: True
...
Reporting to user: Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/haidar.online/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/haidar.online/privkey.pem
Your cert will expire on 2019-10-11. To obtain a new or tweaked version of this certificate in the future, simply run certbot-auto again. To non-interactively renew *all* of your certificates, run "certbot-auto renew"
Reporting to user: If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
Donating to EFF:                    https://eff.org/donate-le



IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/haidar.online/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/haidar.online/privkey.pem
   Your cert will expire on 2019-10-11. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot-auto
   again. To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

It's running perfectly on my Server. thanks a lot, i really appreciate that

btw i'm running it still use certbot version 0.36.0