diff --git a/letsencrypt-auto-source/letsencrypt-auto b/letsencrypt-auto-source/letsencrypt-auto
index b4aa975d7..6c5f37e88 100755
--- a/letsencrypt-auto-source/letsencrypt-auto
+++ b/letsencrypt-auto-source/letsencrypt-auto
@@ -261,17 +261,23 @@ MIN_PYVER2=$(echo "$MIN_PYTHON_2_VERSION" | sed 's/\.//')
 MIN_PYTHON_3_VERSION="3.5"
 MIN_PYVER3=$(echo "$MIN_PYTHON_3_VERSION" | sed 's/\.//')
 # Sets LE_PYTHON to Python version string and PYVER to the first two
-# digits of the python version
+# digits of the python version.
+# MIN_PYVER and MIN_PYTHON_VERSION are also sets by this function, and their
+# values depend on if we try to use Python 3 or Python 2.
 DeterminePythonVersion() {
   # Arguments: "NOCRASH" if we shouldn't crash if we don't find a good python
   #
   # If no Python is found, PYVER is set to 0.
   if [ "$USE_PYTHON_3" = 1 ]; then
+    MIN_PYVER=$MIN_PYVER3
+    MIN_PYTHON_VERSION=$MIN_PYTHON_3_VERSION
     for LE_PYTHON in "$LE_PYTHON" python3; do
       # Break (while keeping the LE_PYTHON value) if found.
       $EXISTS "$LE_PYTHON" > /dev/null && break
     done
   else
+    MIN_PYVER=$MIN_PYVER2
+    MIN_PYTHON_VERSION=$MIN_PYTHON_2_VERSION
     for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do
       # Break (while keeping the LE_PYTHON value) if found.
       $EXISTS "$LE_PYTHON" > /dev/null && break
@@ -287,14 +293,6 @@ DeterminePythonVersion() {
     fi
   fi
 
-  if [ "$USE_PYTHON_3" = 1 ]; then
-    MIN_PYVER=$MIN_PYVER3
-    MIN_PYTHON_VERSION=$MIN_PYTHON_3_VERSION
-  else
-    MIN_PYVER=$MIN_PYVER2
-    MIN_PYTHON_VERSION=$MIN_PYTHON_2_VERSION
-  fi
-
   PYVER=$("$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//')
   if [ "$PYVER" -lt "$MIN_PYVER" ]; then
     if [ "$1" != "NOCRASH" ]; then
@@ -484,12 +482,11 @@ BOOTSTRAP_RPM_PYTHON3_LEGACY_VERSION=1
 EnablePython36SCL() {
   set +e
   # Do nothing if Python 3.6 is already available
-  ! "$EXISTS" python3.6 > /dev/null 2> /dev/null || return
+  "$EXISTS" python3.6 > /dev/null 2> /dev/null && set -e && return
   # Do nothing if SCL Python 3.6 is not installed
-  scl --list 2>/dev/null | grep -q rh-python36 || return
-  # Install SCL rh-python36
-  . scl_source enable rh-python36
-  set -e
+  ! scl --list 2>/dev/null | grep -q rh-python36 && set -e && return
+  # Enable SCL rh-python36
+  . scl_source enable rh-python36 && set -e
 }
 
 BootstrapRpmPython3Legacy() {
@@ -532,7 +529,6 @@ BootstrapRpmPython3Legacy() {
   BootstrapRpmCommonBase "${python_pkgs}"
 
   # Enable SCL rh-python36 after bootstrapping.
-  # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto
   EnablePython36SCL
 }
 
@@ -820,6 +816,7 @@ elif [ -f /etc/redhat-release ]; then
     BOOTSTRAP_VERSION="BootstrapRpmPython3Legacy $BOOTSTRAP_RPM_PYTHON3_LEGACY_VERSION"
 
     # Try now to enable SCL rh-python36 for systems already bootstrapped
+    # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto
     EnablePython36SCL
   else
     # Starting to Fedora 29, python2 is on a deprecation path. Let's move to python3 then.
diff --git a/letsencrypt-auto-source/letsencrypt-auto.template b/letsencrypt-auto-source/letsencrypt-auto.template
index acb93e9df..dea1e86a7 100755
--- a/letsencrypt-auto-source/letsencrypt-auto.template
+++ b/letsencrypt-auto-source/letsencrypt-auto.template
@@ -261,17 +261,23 @@ MIN_PYVER2=$(echo "$MIN_PYTHON_2_VERSION" | sed 's/\.//')
 MIN_PYTHON_3_VERSION="3.5"
 MIN_PYVER3=$(echo "$MIN_PYTHON_3_VERSION" | sed 's/\.//')
 # Sets LE_PYTHON to Python version string and PYVER to the first two
-# digits of the python version
+# digits of the python version.
+# MIN_PYVER and MIN_PYTHON_VERSION are also sets by this function, and their
+# values depend on if we try to use Python 3 or Python 2.
 DeterminePythonVersion() {
   # Arguments: "NOCRASH" if we shouldn't crash if we don't find a good python
   #
   # If no Python is found, PYVER is set to 0.
   if [ "$USE_PYTHON_3" = 1 ]; then
+    MIN_PYVER=$MIN_PYVER3
+    MIN_PYTHON_VERSION=$MIN_PYTHON_3_VERSION
     for LE_PYTHON in "$LE_PYTHON" python3; do
       # Break (while keeping the LE_PYTHON value) if found.
       $EXISTS "$LE_PYTHON" > /dev/null && break
     done
   else
+    MIN_PYVER=$MIN_PYVER2
+    MIN_PYTHON_VERSION=$MIN_PYTHON_2_VERSION
     for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do
       # Break (while keeping the LE_PYTHON value) if found.
       $EXISTS "$LE_PYTHON" > /dev/null && break
@@ -287,14 +293,6 @@ DeterminePythonVersion() {
     fi
   fi
 
-  if [ "$USE_PYTHON_3" = 1 ]; then
-    MIN_PYVER=$MIN_PYVER3
-    MIN_PYTHON_VERSION=$MIN_PYTHON_3_VERSION
-  else
-    MIN_PYVER=$MIN_PYVER2
-    MIN_PYTHON_VERSION=$MIN_PYTHON_2_VERSION
-  fi
-
   PYVER=$("$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//')
   if [ "$PYVER" -lt "$MIN_PYVER" ]; then
     if [ "$1" != "NOCRASH" ]; then
@@ -365,6 +363,7 @@ elif [ -f /etc/redhat-release ]; then
     BOOTSTRAP_VERSION="BootstrapRpmPython3Legacy $BOOTSTRAP_RPM_PYTHON3_LEGACY_VERSION"
 
     # Try now to enable SCL rh-python36 for systems already bootstrapped
+    # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto
     EnablePython36SCL
   else
     # Starting to Fedora 29, python2 is on a deprecation path. Let's move to python3 then.
diff --git a/letsencrypt-auto-source/pieces/bootstrappers/rpm_python3_legacy.sh b/letsencrypt-auto-source/pieces/bootstrappers/rpm_python3_legacy.sh
index f7152a8f7..d8baf1d9b 100644
--- a/letsencrypt-auto-source/pieces/bootstrappers/rpm_python3_legacy.sh
+++ b/letsencrypt-auto-source/pieces/bootstrappers/rpm_python3_legacy.sh
@@ -5,12 +5,11 @@ BOOTSTRAP_RPM_PYTHON3_LEGACY_VERSION=1
 EnablePython36SCL() {
   set +e
   # Do nothing if Python 3.6 is already available
-  ! "$EXISTS" python3.6 > /dev/null 2> /dev/null || return
+  "$EXISTS" python3.6 > /dev/null 2> /dev/null && set -e && return
   # Do nothing if SCL Python 3.6 is not installed
-  scl --list 2>/dev/null | grep -q rh-python36 || return
-  # Install SCL rh-python36
-  . scl_source enable rh-python36
-  set -e
+  ! scl --list 2>/dev/null | grep -q rh-python36 && set -e && return
+  # Enable SCL rh-python36
+  . scl_source enable rh-python36 && set -e
 }
 
 BootstrapRpmPython3Legacy() {
@@ -53,6 +52,5 @@ BootstrapRpmPython3Legacy() {
   BootstrapRpmCommonBase "${python_pkgs}"
 
   # Enable SCL rh-python36 after bootstrapping.
-  # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto
   EnablePython36SCL
 }
diff --git a/letsencrypt-auto-source/tests/centos6_tests.sh b/letsencrypt-auto-source/tests/centos6_tests.sh
index 26a7c53d6..9724becf9 100644
--- a/letsencrypt-auto-source/tests/centos6_tests.sh
+++ b/letsencrypt-auto-source/tests/centos6_tests.sh
@@ -7,6 +7,9 @@ yum install -y python27 >/dev/null 2>/dev/null
 LE_AUTO_PY_34="certbot/letsencrypt-auto-source/letsencrypt-auto_py_34"
 LE_AUTO="certbot/letsencrypt-auto-source/letsencrypt-auto"
 
+# Last version of certbot-auto that was bootstraping Python 3.4 for CentOS 6 users
+INITIAL_CERTBOT_VERSION_PY34="certbot 0.38.0"
+
 # we're going to modify env variables, so do this in a subshell
 (
   . scl_source enable python27
@@ -56,7 +59,7 @@ if ! "$LE_AUTO" 2>&1 | grep -q "WARNING: couldn't find Python"; then
 fi
 
 # bootstrap from the old letsencrypt-auto, this time installing python3.4
-prev_version=$("$LE_AUTO_PY_34" --no-self-upgrade -n --version 2>/dev/null | tail -2 | head -1)
+"$LE_AUTO_PY_34" --no-self-upgrade -n >/dev/null 2>/dev/null
 
 # ensure python 3.4 is installed
 python3.4 --version >/dev/null 2>/dev/null
@@ -79,7 +82,7 @@ if ! echo "$version" | grep -q certbot; then
   exit 1
 fi
 
-if [ "$version" != "$prev_version" ]; then
+if [ "$version" != "$INITIAL_CERTBOT_VERSION_PY34" ]; then
   echo "ERROR: certbot-auto upgraded certbot in a non-interactive shell with --non-interactive flag not set."
   exit 1
 fi
@@ -96,7 +99,7 @@ echo "PASSED: certbot-auto did not install Python3.6 in a non-interactive shell
 # now bootstrap from current letsencrypt-auto, that will install python3.6 from SCL
 "$LE_AUTO" --no-self-upgrade -n >/dev/null 2>/dev/null
 
-# Following tests are exectued in a subshell, to not leak any environment variable
+# Following test is exectued in a subshell, to not leak any environment variable
 (
   # enable SCL rh-python36
   . scl_source enable rh-python36
@@ -110,7 +113,10 @@ echo "PASSED: certbot-auto did not install Python3.6 in a non-interactive shell
   fi
 
   echo "PASSED: Successfully upgraded to Python3.6 using current letsencrypt-auto when only Python2.6/Python3.4 are present."
+)
 
+# Following test is exectued in a subshell, to not leak any environment variable
+(
   export VENV_PATH=$(mktemp -d)
   "$LE_AUTO" -n --no-bootstrap --no-self-upgrade --version >/dev/null 2>&1
   if [ "$($VENV_PATH/bin/python -V 2>&1 | cut -d" " -f2 | cut -d. -f1-2)" != "3.6" ]; then