Comment 0 for bug 1875471

This issue only affects version 0.39.0-1 of the python-certbot-nginx package in Ubuntu 20.04.

To reproduce the problem, install python3-certbot-nginx and run a command like:

sudo certbot -d example.org --agree-tos --staging --register-unsafely-without-email --nginx

This command will fail and the relevant output is:

AttributeError: module 'acme.challenges' has no attribute 'TLSSNI01'

The problem here is python-certbot-nginx contains references to code in python-acme that has been removed. This problem makes python-certbot-nginx completely unable to obtain certificates.

As the upstream maintainer of this package, I'll suggest two ways to fix this problem:

1. Update python-certbot-nginx to our 0.40.0 release. The benefit of this is it sticks to well tested versions of our software rather than making potentially error prone backports. Certbot has an SRU exception which can be seen at https://wiki.ubuntu.com/StableReleaseUpdates/Certbot. The diff of code upstream between 0.39.0 and 0.40.0 if you all want to take this route can be see at https://gist.github.com/bmw/a88429687f4aed13e300fafdad85ce30.

2. You can manually backport minimal fixes. The only changes that should required from the above gist are the changes to:

* certbot_nginx/configurator.py
* certbot_nginx/tests/configurator_test.py

While I have essentially no knowledge of creating .debs myself, please let me know if you have any questions resolving this, want help testing proposed packages, etc.