阿里云服务器centos7下certbot申请SSL证书运行问题

大概三个月前，通过let s encrypt来进行网站SSL证书的申请，现在算算也差不多是时间了，登上服务器，本来打算运行证书更新程序，没想到一执行便出现了问题：

pyOpenSSl的版本太低，按照网上的一些做法卸载了低版本的pyOpenSSl，重新安装了最新版的pyOpenSSl，但是再次执行certbot certifications还是出现了：

  ...
  File "/usr/lib/python2.7/site-packages/acme/jose/interfaces.py", line 9, in <module>
    from acme.jose import util
  File "/usr/lib/python2.7/site-packages/acme/jose/util.py", line 5, in <module>
    import OpenSSL
  File "/usr/lib/python2.7/site-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import rand, crypto, SSL
  File "/usr/lib/python2.7/site-packages/OpenSSL/SSL.py", line 118, in <module>
    SSL_ST_INIT = _lib.SSL_ST_INIT
AttributeError: 'module' object has no attribute 'SSL_ST_INIT'

网上查了下原因，好像是阿里云服务器问题，别家的服务器并没有这个情况，网上解决方案也是各式各样，这里采取了完全卸载之前的重新安装的方式：

[root@oldpan etc]# pip uninstall certbot

之前我是使用pip安装的所以用pip进行卸载，如果是用apt或者rpm安装的则需要相应的卸载命令。

[root@oldpan etc]# pip install certbot
 ...
[root@oldpan etc]# certbot certificates
Traceback (most recent call last):
  File "/usr/bin/certbot", line 7, in <module>
    from certbot.main import main
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 11, in <module>
    from acme import jose

[root@oldpan etc]# pip uninstall acme
Uninstalling acme-0.20.0:
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/DESCRIPTION.rst
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/INSTALLER
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/METADATA
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/RECORD
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/WHEEL
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/entry_points.txt
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/metadata.json
  /usr/lib/python2.7/site-packages/acme-0.20.0.dist-info/top_level.txt
Proceed (y/n)? y
  Successfully uninstalled acme-0.20.0

[root@oldpan etc]# pip install acme
 ...
/usr/lib/python2.7/site-packages (from cffi>=1.7; platform_python_
implementation != "PyPy"->cryptography>=0.8->acme)
Installing collected packages: acme
Successfully installed acme-0.20.0

[root@oldpan etc]# certbot certificates
/usr/lib/python2.7/site-packages/requests/__init__.py:80: RequestsDependencyWarning: urllib3 (1.22) or chardet
 (2.2.1) doesn't match a supported version!
  RequestsDependencyWarning)
Saving debug log to /var/log/letsencrypt/letsencrypt.log

-------------------------------------------------------------------------------
Found the following certs:
  Certificate Name: oldpan.me
    Domains: oldpan.me www.oldpan.me
    Expiry Date: 2018-01-19 04:08:01+00:00 (VALID: 6 days)
    Certificate Path: /etc/letsencrypt/live/oldpan.me/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/oldpan.me/privkey.pem
-------------------------------------------------------------------------------

重新验证一下就可以了，注意因为重新激活证书的时候需要80端口与中间服务器进行通信，如果此时网站运行的时候是不可以的，暂时关闭网站后进行更新证书再开启网站即可。