I was testing the certbot on my Google Cloud / Google Compute Engine (CentOS 7) today, and I ran into the following issues:
sudo certbot certonly --apache Traceback (most recent call last): File "/bin/certbot", line 9, in module load_entry_point('certbot==1.4.0', 'console_scripts', 'certbot')() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 378, in load_entry_point return get_distribution(dist).load_entry_point(group, name) File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2566, in load_entry_point return ep.load() File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 2260, in load entry = __import__(self.module_name, globals(),globals(), ['__name__']) File "/usr/lib/python2.7/site-packages/certbot/main.py", line 2, infrom certbot._internal import main as internal_main File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 16, in from certbot import crypto_util File "/usr/lib/python2.7/site-packages/certbot/crypto_util.py", line 30, in from certbot import util File "/usr/lib/python2.7/site-packages/certbot/util.py", line 23, in from certbot._internal import constants File "/usr/lib/python2.7/site-packages/certbot/_internal/constants.py", line 6, in from acme import challenges File "/usr/lib/python2.7/site-packages/acme/challenges.py", line 11, in import requests File "/usr/lib/python2.7/site-packages/requests/__init__.py", line 58, in from . import utils File "/usr/lib/python2.7/site-packages/requests/utils.py", line 32, in from .exceptions import InvalidURL File "/usr/lib/python2.7/site-packages/requests/exceptions.py", line 10, in from urllib3.exceptions import HTTPError as BaseHTTPError File "/usr/lib/python2.7/site-packages/urllib3/__init__.py", line 8, in from .connectionpool import ( File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 11, in from .exceptions import ( File "/usr/lib/python2.7/site-packages/urllib3/exceptions.py", line 2, in from .packages.six.moves.http_client import ( File "/usr/lib/python2.7/site-packages/urllib3/packages/__init__.py", line 3, in from . import ssl_match_hostname ImportError: cannot import name ssl_match_hostname
In my case, it was caused by the stupid Google Cloud bloatware: Google Cloud SDK. When I set up the Google Cloud few years ago, Google loaded a lot of bloatware including Google Cloud SDK, which lives here: /usr/local/share/google/google-cloud-sdk/. If you take a look to this directory, you will notice that there are some python packages that may conflict with your system one. In my case, I have three conflicting packages, one from the EPEL repository, one from the PIP and one from Google Cloud SDK. They don’t get along with each other.
Here is what I did:
find /usr/ -name "ssl_match_hostname" #My Local server - Good and trouble free: /usr/lib/python2.7/site-packages/backports/ssl_match_hostname /usr/lib/python2.7/site-packages/urllib3/packages/ssl_match_hostname #Google Cloud Server - Bad and gave me trouble: /usr/lib/python2.7/site-packages/backports/ssl_match_hostname/ /usr/lib/python2.7/site-packages/pip/_vendor/urllib3/packages/ssl_match_hostname/ /usr/local/share/google/google-cloud-sdk/lib/third_party/urllib3/packages/ssl_match_hostname/
So I ended up removing this package and reinstalling everything again:
sudo yum remove python2-urllib3 #Notice that google-compute-engine and python-google-compute-engine are included here. They are the source of the problem: ============================================================================================================================================================================================================================================= Package Arch Version Repository Size ============================================================================================================================================================================================================================================= Removing: python2-urllib3 noarch 1.24.1-2.el7 @forensics 708 k Removing for dependencies: certbot noarch 1.4.0-1.el7 @epel 97 k google-compute-engine noarch 1:20190916.00-g2.el7 @google-cloud-compute 18 k python-google-compute-engine noarch 1:20191210.00-g1.el7 @google-cloud-compute 398 k python-requests noarch 2.6.0-9.el7_8 @updates 341 k python-requests-toolbelt noarch 0.8.0-3.el7 @epel 277 k python2-acme noarch 1.4.0-2.el7 @epel 347 k python2-boto noarch 2.45.0-3.el7 @epel 9.4 M python2-certbot noarch 1.4.0-1.el7 @epel 1.5 M python2-certbot-apache noarch 1.4.0-1.el7 @epel 579 k Transaction Summary ============================================================================================================================================================================================================================================= Remove 1 Package (+9 Dependent packages)
In my case, I reinstalled the packages I need:
#Reinstalling the certbot: sudo yum install certbot python2-certbot-apache
Good luck!
Our sponsors: