Just an FYI for those caught by module not found exceptions when running certbot-auto on an AMI (Amazon Machine Image). I kept getting problems with the upgrade of certbot-auto on AMI. They say it’s alpha so not a suprise.

Tried rm -rf /opt/eff.org and re-run certbot-auto but still getting issues but I did the following and I seem to be able to run without throwing module not found errors now.

# install the latest available python for the AMI
yum install python36
# make python 3.6 the default system python. 
# Google for more info on adding an updating alternatives
alternatives --config python
pip install --upgrade pip
pip install -U certbot
# install the nginx plugin because I have nginx as a web server
pip install -U letsencrypt-nginx
# test the install of certbot and look for errors
certbot renew --dry-run

Finally create a script to run the certificate updates via chron

#!/bin/bash
# /usr/local/bin/cert-renew
unset PYTHON_INSTALL_LAYOUT

/usr/bin/certbot renew  --no-self-upgrade
# I ended up with
python --version
Python 3.6.7
pip --version
pip 19.0.1 from /usr/lib/python3.6/dist-packages/pip (python 3.6)
certbot --version
certbot 0.30.2

This post was prompted by https://community.letsencrypt.org/t/how-to-stop-using-tls-sni-01-with-certbot/83210