In December 2020 and release 1.10.0, Let’s Encrypt had deprecated certbot-auto on Debian based systems including Ubuntu. In their release 1.11.0, they also deprecate the script on every OS.

It is only certbot-auto that they deprecated. Our other distribution methods or Certbot more generally was not deprecated on Debian.

The behavior you can expect from certbot-auto on a deprecated OS is that if you had run the script before and had an existing Certbot installation from it, that installation will continue to work, however, you will no longer receive updates and a message will be printed every time the script is run explaining this. If you do not have an existing certbot-auto installation, the script will refuse to install Certbot and say that you need to use a different installation method.

Source: https://community.letsencrypt.org/t/certbot-auto-deprecated-explanation-and-solutions/139821


Your system is not supported by certbot-auto anymore.

Certbot-auto deprecated: Explanation and Solutions!
https://community.letsencrypt.org/t/certbot-auto-deprecated-explanation-and-solutions/139821



Table Of Contents
  1. How do I install Certbot now?
  2. Uninstalling a package like certbot from snapcraft
  3. Links



How do I install Certbot now?

The way we recommend most users install Certbot is through snaps. You can find instructions for doing this at https://certbot.eff.org/instructions.

On Ubuntu 16.04

$
$ sudo snap install core; sudo snap refresh core


Remove any Certbot OS packages

If you have any Certbot packages installed using an OS package manager like apt, dnf, or yum, you should remove them before installing the Certbot snap to ensure that when you run the command certbot the snap is used rather than the installation from your OS package manager. The exact command to do this depends on your OS, but common examples are sudo apt-get remove certbot, sudo dnf remove certbot, or sudo yum remove certbot.

$ apt-get remove certbot
$ apt autoremove


Install Cerbot

$
$ sudo snap install --classic certbot


Prepare the Certbot command

Execute the following instruction on the command line on the machine to ensure that the certbot command can be run.

$
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot


Choose how you’d like to run Certbot. Either get and install your certificates…

Run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step.

$
$ sudo certbot --apache

For multiple subject alternative name (SAN) included in the certificate you can use the following command.

$
$ sudo certbot -d domain1.tld -d sub.domain.tld -d domain2.tld -d domain3.tld --apache


Or, just get a certificate

If you’re feeling more conservative and would like to make the changes to your Apache configuration by hand, run this command.

$
$ sudo certbot certonly --apache


Test automatic renewal

The Certbot packages on your system come with a cron job or systemd timer that will renew your certificates automatically before they expire. You will not need to run Certbot again, unless you change your configuration. You can test automatic renewal for your certificates by running this command:

$
$ sudo certbot renew --dry-run


The command to renew certbot is installed in one of the following locations:

/etc/crontab/
/etc/cron./
systemctl list-timers

# Pass –all to see loaded but inactive timers, too.
systemctl list-timers –all



Uninstalling a package like certbot from snapcraft

If you want to uninstall the snap certbot utility you can run the following command

$
$ sudo snap remove certbot



Links

Let’s Encrypt – Free SSL/TLS Certificates
https://letsencrypt.org/

Certbot-auto deprecated: Explanation and Solutions!
https://community.letsencrypt.org/t/certbot-auto-deprecated-explanation-and-solutions/139821

Snap (package manager)
https://en.wikipedia.org/wiki/Snap_(package_manager)

Snapcraft – The app store for Linux
https://snapcraft.io/

Snapcraft documentation
https://snapcraft.io/docs/getting-started