unix:letsencrypt:recoveringfrombrokeninstall

Differences

This shows you the differences between two versions of the page.


unix:letsencrypt:recoveringfrombrokeninstall [2016/09/25 23:35] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== LetsEncrypt - recovering from bad install ======
  
 +The script for installing LetsEncrypt can break, especially if you do not watch for errors on your own system. For example, one of our techs did not notice the package installation failed on one of the installs, which resulted in an unusable system.
 +
 +**NOTE**: The server itself was ok, and no services were affected, but certbot was not able to request or install certificates. After we fixed the errors, attempts to reinstall failed as the installer found the partial install and assumed all was still go. No "reinstall" or "uninstall" options were found.
 +
 +The installation locations are not well documented, but we were able to locate enough of it so we could return the system to a fairly pristine state. Basically ran 
 +<code bash>
 +find / -name letsencrypt -o -name certbot
 +</code>
 +to figure out what to do.
 +
 +<WRAP center round alert 60%>
 +Do not run the following script if you have successfully installed a certificate via certbot. certbot "remembers" the state the server was in before it ran, and can return to that state, but **not** after running the following. Use the rollback option before running this:
 +<code>./certbot-auto rollback</code>
 +</WRAP>
 +
 +Anyway, it did the full, but broken, install. No instructions anyplace
 +for how to remove it (it will only install dependencies if it is not
 +installed already). So, I ran
 +
 +<code bash>
 +rm -fRv /root/certbot/ root/.local/share/letsencrypt /etc/letsencrypt/
 +/var/lib/letsencrypt/ /var/log/letsencrypt/
 +</code>
 +
 +Once I did that, it appears to have been cleanly uninstalled.
 +
 +To completely remove the system (**untested**)
 +<code bash remove_certbot.sh>
 +cd /opt/certbot
 +./certbot-auto rollback
 +rm -fRv /root/certbot/ root/.local/share/letsencrypt /etc/letsencrypt/
 +/var/lib/letsencrypt/ /var/log/letsencrypt/
 +</code>
 +
 +===== Case Study =====
 +
 +This is what happened with us. One of the techs did the install but missed a message from apt (debian system) that a repository was missing. The install script continues, but you end up with an unusable certbot install.
 +
 +I tried rerunning the installer, deleting, then re-downloading the installer,and had no luck any time. Finally, I figured out the above script, ran it, then //carefully// started a new install. I saw the following error mesages:
 +
 +./certbot-auto: 229: ./certbot-auto: lsb_release: not found
 +./certbot-auto: 231: ./certbot-auto: lsb_release: not found
 +No libaugeas0 version is available that's new enough to run the
 +
 +These do NOT stop the install; it just continues on, but creating a
 +broken install. So, I removed it all again and fixed the lsb and libaugeas0 problems with the following:
 +
 +<code bash fix.sh>
 +echo 'deb http://http.debian.net/debian wheezy-backports main' > /etc/apt/sources.list.d/wheezy-backports.list
 +apt-get update
 +apt-get install -y lsb-release
 +</code>
 +
 +**Note:** wheezy-backports has a newer version of libaugeas0, which is required for correct operation of certbot.
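Review bot: The rm -fRv command, in both the first cleanup block and remove_certbot.sh, is split across two lines with no trailing backslash and names root/.local/share/letsencrypt without a leading slash. As written, the shell runs only the first line as rm, resolves that path relative to the current directory (and -f hides the miss when it is not run from /), then tries to execute /var/lib/letsencrypt/ as a command, which fails and leaves /var/lib/letsencrypt/ and /var/log/letsencrypt/ in place. Suggest putting all five paths on one line, or ending the first line with a backslash, and writing /root/.local/share/letsencrypt. In remove_certbot.sh the cd /opt/certbot is unchecked and does not match the /root/certbot/ directory that the rm removes; use the directory certbot-auto actually lives in and stop if the cd fails (cd ... || exit 1), so that /etc/letsencrypt/ is not deleted after a rollback that never ran. fix.sh adds wheezy-backports and installs lsb-release but never installs libaugeas0, which the closing note gives as the reason for adding the repository; either install it explicitly or state that the installer pulls it in on the next run.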
unix/letsencrypt/recoveringfrombrokeninstall.txt · Last modified: 2016/09/25 23:35 by 127.0.0.1