- 1. 概要
- 2. 試行錯誤1
- 3. 試行錯誤2
1. 概要
ふと気づくと更新用のスクリプトが 2018年6月14日以降、エラーになっている。
エラーは、「certbot」の起動一発目から・・・。
試しにコマンドプロンプトから起動してみます。
> /usr/local/bin/certbot-3.6 renew --standalone --pre-hook "/usr/local/etc/rc.d/apache24 stop" --post-hook "/usr/local/etc/rc.d/apache24 start"
Traceback (most recent call last):
File "/usr/local/bin/certbot-3.6", line 11, in <module>
load_entry_point('certbot==0.25.0', 'console_scripts', 'certbot')()
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 476, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2700, in load_entry_point
return ep.load()
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2318, in load
return self.resolve()
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2324, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/usr/local/lib/python3.6/site-packages/certbot/main.py", line 10, in <module>
import josepy as jose
File "/usr/local/lib/python3.6/site-packages/josepy/__init__.py", line 44, in <module>
from josepy.interfaces import JSONDeSerializable
File "/usr/local/lib/python3.6/site-packages/josepy/interfaces.py", line 8, in <module>
from josepy import errors, util
File "/usr/local/lib/python3.6/site-packages/josepy/util.py", line 4, in <module>
import OpenSSL
File "/usr/local/lib/python3.6/site-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import crypto, SSL
File "/usr/local/lib/python3.6/site-packages/OpenSSL/crypto.py", line 16, in <module>
from OpenSSL._util import (
File "/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 13, in <module>
from cryptography.hazmat.bindings._openssl import ffi, lib
ImportError: /usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so: Undefined symbol "SSL_get0_next_proto_negotiated"
原因として考えられるのは、ここんとこ python2.7 を python3.6 に移行していたので、ついていってないモジュールがあるってことでしょうか。
2. 試行錯誤1
依存しているパッケージを片っ端から、再度インストールしたりしてみましたが一向に解決しません。
で、ふと気づくと少しメッセージが変わっている・・・。
> certbot
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 7, in <module>
from certbot.main import main
File "/usr/local/lib/python3.6/site-packages/certbot/main.py", line 10, in <module>
import josepy as jose
File "/usr/local/lib/python3.6/site-packages/josepy/__init__.py", line 44, in <module>
from josepy.interfaces import JSONDeSerializable
File "/usr/local/lib/python3.6/site-packages/josepy/interfaces.py", line 8, in <module>
from josepy import errors, util
File "/usr/local/lib/python3.6/site-packages/josepy/util.py", line 4, in <module>
import OpenSSL
File "/usr/local/lib/python3.6/site-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import crypto, SSL
File "/usr/local/lib/python3.6/site-packages/OpenSSL/crypto.py", line 16, in <module>
from OpenSSL._util import (
File "/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 13, in <module>
from cryptography.hazmat.bindings._openssl import ffi, lib
ImportError: /usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so: Undefined symbol "OPENSSL_no_config"
んで「OPENSSL_no_config」をキーワードに検索すると・・・。
「OPENSSL_no_config」って man ページにあるらしい。
ちらと読んで、その末尾に注目
SEE ALSO
conf(5), CONF_modules_load_file(3)
HISTORY
The OPENSSL_no_config() and OPENSSL_config() functions were deprecated
in OpenSSL 1.1.0 by OPENSSL_init_crypto().
なに!。OpenSSL 1.1.0 とな。
この時点で ports/security/openssl は 1.0.2o_4,1 で ports/security/openssl-devel が 1.1.0h_2。
つまり、openssl-devel でないとまずいのではないか・・・。
んでまぁ「openssl か openssl-devel か」で、openssl から openssl-devel へと行くわけです。
3. 試行錯誤2
openssl-devel に落ち着いて再度、動かそうとすると
> certbot
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.25.0', 'console_scripts', 'certbot')()
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 476, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2700, in load_entry_point
return ep.load()
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2318, in load
return self.resolve()
File "/usr/local/lib/python3.6/site-packages/pkg_resources/__init__.py", line 2324, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/usr/local/lib/python3.6/site-packages/certbot/main.py", line 10, in <module>
import josepy as jose
File "/usr/local/lib/python3.6/site-packages/josepy/__init__.py", line 44, in <module>
from josepy.interfaces import JSONDeSerializable
File "/usr/local/lib/python3.6/site-packages/josepy/interfaces.py", line 8, in <module>
from josepy import errors, util
File "/usr/local/lib/python3.6/site-packages/josepy/util.py", line 4, in <module>
import OpenSSL
File "/usr/local/lib/python3.6/site-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import crypto, SSL
File "/usr/local/lib/python3.6/site-packages/OpenSSL/crypto.py", line 16, in <module>
from OpenSSL._util import (
File "/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py", line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 13, in <module>
from cryptography.hazmat.bindings._openssl import ffi, lib
ImportError: /usr/local/lib/python3.6/site-packages/cryptography/hazmat/bindings/_openssl.abi3.so: Undefined symbol "SSL_get0_next_proto_negotiated"
あぁ、結局振り出しに戻ったのか・・・と思いつつ。
何か目につくキーワードが・・・。最初のうちは気づいていなかったが何度もインストールしなおしているうちに目につきました。
「openssl-devel」のオプションだよ!
ということで
cd /usr/ports/security/openssl-devel
make config
ここで「NEXTPROTONEG」のチェックをいれて
make clean
make
make deinstall
make install
これで、「certbot」が動作するようになりました。
|