# Certbot



## Mwh65 (Mar 25, 2022)

FreeBSD version 12.2

I seem to have got deja vu here but yet again there is a dependency issue with Certbot 1.22 ...



> pkg_resources.ContextualVersionConflict: (cryptography 3.3.2 (/usr/local/lib/python3.8/site-packages), Requirement.parse('cryptography>=35.0'), {'PyOpenSSL'})



It looks like PyOpenSSL 20.0.1 requires at least version 35.0.0 of py-cryptography which doesn't seem to be available anywhere. In fact looking at the latest version which is py38-cryptography 3.3.2 this list seems to indicate this version is nearly 14 months old and there has been a few newer versions since ...









						cryptography
					

cryptography is a package which provides cryptographic recipes and primitives to Python developers.




					pypi.org
				




Any help on a way forward would be appreciated.


----------



## trev (Mar 25, 2022)

The security/acme.sh shell script is far less problematical.

- An ACME protocol client written purely in Shell (Unix shell) language.
- Full ACME protocol implementation.
- Support ECDSA certs
- Support SAN and wildcard certs
- Simple, powerful and very easy to use. You only need 3 minutes to learn it.
- Bash, dash and sh compatible.
- Purely written in Shell with no dependencies on python.
- Just one script to issue, renew and install your certificates automatically.
- DOES NOT require `root/sudoer` access.
- Docker ready
- IPv6 ready
- Cron job notifications for renewal or error etc.


----------



## Mwh65 (Mar 26, 2022)

Thank you for this. Will take a look at it.


----------



## covacat (Mar 26, 2022)

certbot is the definition of bloatware

```
[user@hpbsd ~]$ sudo pkg install py38-certbot
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 23 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
    py38-acme: 1.22.0,1
    py38-certbot: 1.22.0,1
    py38-certifi: 2021.10.8
    py38-cffi: 1.15.0
    py38-chardet: 4.0.0,1
    py38-configargparse: 1.5.3
    py38-configobj: 5.0.6_1
    py38-cryptography: 3.3.2
    py38-distro: 1.6.0
    py38-idna: 2.10
    py38-josepy: 1.10.0
    py38-openssl: 20.0.1
    py38-parsedatetime: 2.6
    py38-pycparser: 2.21
    py38-pyrfc3339: 1.1
    py38-pysocks: 1.7.1
    py38-pytz: 2021.3,1
    py38-requests: 2.25.1
    py38-requests-toolbelt: 0.9.1_1
    py38-urllib3: 1.26.7,1
    py38-zope.component: 4.2.2
    py38-zope.event: 4.1.0
    py38-zope.interface: 5.3.0

Number of packages to be installed: 23

The process will require 18 MiB more space.
3 MiB to be downloaded.
```


----------



## diizzy (Mar 26, 2022)

I'm still very happy with lego https://www.freshports.org/security/lego/ but that doesn't really solve your issue at its core

Looking at https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262744 and https://www.freshports.org/security/py-openssl/ this seems to be resolved


----------

