Some people might still be running servers with EOL (end-of-life) operating systems. certbot-auto recently broke Python compatibility with some of these in version 0.32.0.
The fix is straightforward: downgrade to 0.31.0.
This is how I did so:
# cd /opt/certbot git fetch --tags git checkout v0.31.0
I also edited my crontab. The certbot-auto entry now looks like this:
17 3 * * * PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games /opt/certbot/certbot-auto --no-self-upgrade renew --post-hook="service nginx reload" >> /var/log/le-renew.log
Notice the --no-self-upgrade option. This is important if you don’t want to run into the same issue in three months.
You may have to adapt these changes to your operating system, but it should resolve the issue and let you keep renewing your SSL certificates.
(I assume we all already know that we shouldn’t even be running such servers…but it happens. Some people also have commercial or enterprise support agreements.)
See https://community.letsencrypt.org/t/python-error-when-running-certbot-auto/88399 for more.