This is a pretty technical post, about how to troubleshoot and fix a not-quite-renewing correctly lets encrypt certificate on AWS instances!

Let’s Encrypt renewals patchy on EC2

If you’ve tried to renew a Lets Encrypt cert on AWS EC2, and have run into an issue, which ends with (something like):

from zope.interface import Interface
ImportError: No module named interface

You have probably had an issue updating your certificate using the Lets Encrypt auto update feature.

Upgrade pip

There is a good summary of this issue, here, but if you wanted to give the solution which usually works for us a quick spin, it is the following:

pip install --upgrade pip
pip install virtualenv --upgrade
cd /opt/letsencrypt
./certbot-auto renew

The above usually resolves our issues.

Incidentally, if you had a cron running some other update regime, its maybe time to grab a new Lets Encrypt and start using `./certbot-auto renew` – this will update all the certs on your box!

Good luck with your free securification!

Not working… “no module named interface”

Yeah… that can happen too. Try this tutorial.