when using certbot (more on that below). The simple and easily googleable fix was to remove the ubuntu awscli package and pip install a newer version:'AWSHTTPSConnection' object has no attribute 'server_hostname'
sudo apt-get remove awscli
pip install --upgrade awscliI'd recommend doing that pip install in a venv (python virtual environment), especially if you have other "cloud tools" installed that way.
Now, why was I doing this and what does the title really mean? Most websites these days need to have an "SSL Cert" that is a signature by a certification authority. Really folks, you need to be doing this these days. Many businesses will not let you browse to a site that has a self signed cert and won't let you browse to a non-https site at all. But this is super easy as Let's Encrypt and certbot do all the work. I merely followed the steps here:
https://hackernoon.com/easy-lets-encrypt-certificates-on-aws-79387767830b
(Make sure you have certbot installed first. Your OS may have it packaged or "brew install certbot" on a Mac.)
And as with all of my recent posts, this is just mostly so I won't spend another 1/2 day trying to remember or recreate this.
And in all fairness, there are also a number of Ansible playbooks and/or roles for doing this. Here's some info on that:
https://github.com/geerlingguy/ansible-role-certbot
https://docs.ansible.com/ansible/2.5/modules/letsencrypt_module.html
https://docs.ansible.com/ansible/latest/modules/acme_account_module.html(Ansible letsencrypt module was renamed more generically as "ACME" as it actually uses ACME and Let's Encrypt adheres to that web standard.)
No comments:
Post a Comment