Running "certbot" ffom cron

Reply: Fernando_Apesteguía : "Re: Running "certbot" ffom cron"
Reply: Odhiambo Washington : "Re: Running "certbot" ffom cron"
Reply: fatty.merchandise677_a_aceecat.org: "Re: Running "certbot" ffom cron"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Jerry <jerry_at_seibercom.net>
Date: Tue, 11 Feb 2025 21:24:05 UTC

FreeBSD 14.2-RELEASE-p1
certbot 3.1.0
Apache/2.4.63 (FreeBSD)

I have the following command in my cron file:

 /usr/local/bin/certbot --apache renew --pre-hook "service dovecot stop" --post-hook "service dovecot start"

I have added this to the environment: CRYPTOGRAPHY_OPENSSL_NO_LEGACY=1. I also put itI cannot  at the top of my cron file.

The command works perfectly from the command line; however, from cron it crashes and produces this error message.

Traceback (most recent call last):
File "/usr/local/bin/certbot", line 5, in <module>  from certbot.main import main
File "/usr/local/lib/python3.11/site-packages/certbot/main.py", line 6, in <module> from certbot._internal import main as internal_main
File "/usr/local/lib/python3.11/site-packages/certbot/_internal/main.py", line 20, in <module> import josepy as jose
File "/usr/local/lib/python3.11/site-packages/josepy/__init__.py", line 41, in <module> from josepy.json_util import (
File "/usr/local/lib/python3.11/site-packages/josepy/json_util.py", line 25, in <module> from OpenSSL import crypto
File "/usr/local/lib/python3.11/site-packages/OpenSSL/__init__.py", line 8, in <module> from OpenSSL import SSL, crypto
File "/usr/local/lib/python3.11/site-packages/OpenSSL/SSL.py", line 10, in <module> from OpenSSL._util import (
File "/usr/local/lib/python3.11/site-packages/OpenSSL/_util.py", line 6, in <module> from cryptography.hazmat.bindings.openssl.binding import Binding
File "/usr/local/lib/python3.11/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 15, in <module> from cryptography.exceptions import InternalError
File "/usr/local/lib/python3.11/site-packages/cryptography/exceptions.py", line 9, in <module> from cryptography.hazmat.bindings._rust import exceptions as rust_exceptions
RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal error by default, but cryptography supports running without legacy algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you have likely made a mistake with your OpenSSL configuration.

I cannot figure out why it works on the command line but not from within cron.

-- 
Jerry