The Let’s Encrypt SSL certificate is valid for 90 days and the users will need to renew the SSL certificate every 90 days. So in order to make this automated, we will be setting up a cron job that will automatically renew the SSL certificates which are about to expire. The Certbot auto-renew option provides the user to auto-renew your Let's Encrypt SSL certificate automatically through a cron job. In certain cases in which the OS version is Ubuntu 12.04 LTS the certbot auto-renew option will stop working with the following error.
/opt/eff.org/certbot/venv/bin/python: No module named pip.__main__; 'pip' is a package and cannot be directly executed Traceback (most recent call last): ? File "/tmp/tmp.fpN7wJrJm9/pipstrap.py", line 177, in <module> ? ? sys.exit(main()) ? File "/tmp/tmp.fpN7wJrJm9/pipstrap.py", line 149, in main ? ? pip_version = StrictVersion(check_output([python, '-m', 'pip', '--version']) ? File "/usr/lib/python2.7/subprocess.py", line 544, in check_output ? ? raise CalledProcessError(retcode, cmd, output=output) subprocess.CalledProcessError: Command '['/opt/eff.org/certbot/venv/bin/python', '-m', 'pip', '--version']' returned non-zero exit status 1
The cause of the issue is with the use of python command in the local version of certbot which is no longer supported in Ubuntu 12.04 version which is outdated. You need to modify your local version of certbot-auto to use pip install instead of python -m pip AND use --no-self-upgrade.?
The solution for the problem is to either upgrade the OS version to the latest LTS which is always the recommended option. Also, as a quick fix, you will be able to revert the certbot version to 0.31 and re-run the SSL renewal commands.
Please see below the commands for this fix:
wget https://raw.githubusercontent.com/certbot/certbot/75499277be6699fd5a9b884837546391950a3ec9/certbot-auto chmod +x ./certbot-auto ./certbot-auto --no-self-upgrade