OpenSSL

SSL library

Getting a fresh version installed has been a problem for my InstaPaper and TwitterBot work.

Sept04'2017 did MacOsX upgrade as part of Incrementally Migrating To React-Native, which allowed me to run brew update. But that didn't solve it.

Sept12: Tried a bunch of stuff which didn't work, but didn't log it carefully. So going to start over now.

  • (I'm inside my st Python VirtualEnv.)
  • try brew install openssl -> openssl 1.0.2l is already installed, but openssl version -> OpenSSL 0.9.8zh 14 Jan 2016
  • more detail
> openssl version -a
OpenSSL 0.9.8zh 14 Jan 2016
built on: Jan 23 2017
platform: darwin64-x86_64-llvm
options:  bn(64,64) md2(int) rc4(ptr,char) des(idx,cisc,16,int) blowfish(idx) 
compiler: -arch x86_64 -fmessage-length=0 -pipe -Wno-trigraphs -fpascal-strings -fasm-blocks -O3 -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DMD32_REG_T=int -DOPENSSL_NO_IDEA -DOPENSSL_PIC -DOPENSSL_THREADS -DZLIB -mmacosx-version-min=10.6
OPENSSLDIR: "/System/Library/OpenSSL"
  • and
> which openssl
/usr/bin/openssl
  • try brew uninstall openssl
Error: Refusing to uninstall /usr/local/Cellar/openssl/1.0.2l
because it is required by watchman 4.9.0, which is currently installed.
You can override this and force removal with:
  brew uninstall --ignore-dependencies openssl
  • do brew uninstall --ignore-dependencies openssl
  • then rm -rf /usr/local/openssl
  • then brew install openssl
shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
chdir: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
chdir: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
chdir: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
pwd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
Error: The current working directory doesn't exist, cannot proceed.
  • cd /usr/local/ confirm there's no openssl in there, so do mkdir openssl
  • try again brew install openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2l.sierra.bottle
Already downloaded: /Users/billseitz/Library/Caches/Homebrew/openssl-1.0.2l.sierra.bottle.tar.gz
==> Pouring openssl-1.0.2l.sierra.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the SystemRoots
keychain. To add additional certificates (e.g. the certificates added in
the System keychain), place .pem files in
  /usr/local/etc/openssl/certs

and run
  /usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local,
because Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries.

If you need to have this software first in your PATH run:
  echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.zshrc

For compilers to find this software you may need to set:
    LDFLAGS:  -L/usr/local/opt/openssl/lib
    CPPFLAGS: -I/usr/local/opt/openssl/include

==> Summary
🍺  /usr/local/Cellar/openssl/1.0.2l: 1,709 files, 12.2MB
  • but openssl version gives same result
  • per that output do echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.zshrc
  • and echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile
  • derp maybe need to open new Terminal to test! success!
  • but what about inside VirtualEnv? Yes, also good!

(This page gives a little more clear/simple explanation.)

But not out of the woods yet....

Trying TwitterBot: Do python puppet_ebooks.py, get

...
  File "/Users/billseitz/Documents/djcode/st/lib/python2.7/site-packages/requests/sessions.py", line 486, in send
    r = adapter.send(request, **kwargs)
  File "/Users/billseitz/Documents/djcode/st/lib/python2.7/site-packages/requests/adapters.py", line 385, in send
    raise SSLError(e)
requests.exceptions.SSLError: [Errno 1] _ssl.c:499: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
  • do this with Keychain to create certificate? No, that actually sounds like it's for server certs.

This page makes me wonder if the issue is that I haven't upgraded the requests library in a while. So pip install requests --upgrade which seems fine, ending with Successfully installed requests chardet idna urllib3 certifi

Try python puppet_ebooks.py again. New error!

 File "/Users/billseitz/Documents/djcode/st/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
    r = adapter.send(request, **kwargs)
  File "/Users/billseitz/Documents/djcode/st/lib/python2.7/site-packages/requests/adapters.py", line 506, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='api.twitter.com', port=443): Max retries exceeded with url: /1.1/lists/ownerships.json?cursor=-1&screen_name=puppet_ebooks (Caused by SSLError(SSLError(1, '_ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm'),))

Argh Python is still using the old OpenSSL:

>python -c "import ssl; print ssl.OPENSSL_VERSION"
OpenSSL 0.9.7l 28 Sep 2006
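
The two checks in this log (which openssl binary wins on PATH, and which OpenSSL the Python interpreter is linked against) can be run together. The script below is an added example, not part of the original log; the function names and the PYTHON variable are hypothetical. Changing PATH only changes which command-line binary runs, while Python's ssl module keeps using the libssl it was built against, which is why the two can disagree.

```shell
#!/bin/sh
# Added diagnostic example (not from the original page).

# Print every executable called $1 on the colon-separated PATH string $2,
# in lookup order. The first line printed is the one the shell will run.
list_on_path() {
    name=$1
    old_ifs=$IFS
    IFS=:
    for dir in $2; do
        if [ -n "$dir" ] && [ -f "$dir/$name" ] && [ -x "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
        fi
    done
    IFS=$old_ifs
}

# Extract the bare version token ("1.0.2l") from a banner such as
# "OpenSSL 1.0.2l  25 May 2017".
version_token() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# Succeed only when two banners report the same OpenSSL version.
same_openssl() {
    [ "$(version_token "$1")" = "$(version_token "$2")" ]
}

report() {
    # Every openssl on PATH, with the version each one reports.
    list_on_path openssl "$PATH" | while IFS= read -r bin; do
        printf '%s -> %s\n' "$bin" "$("$bin" version 2>/dev/null || echo '?')"
    done
    cli=$(openssl version 2>/dev/null || true)
    # Assumption: the interpreter to check is python3 unless PYTHON is set.
    py=$("${PYTHON:-python3}" -c 'import ssl; print(ssl.OPENSSL_VERSION)' 2>/dev/null || true)
    printf 'CLI:    %s\nPython: %s\n' "${cli:-not found}" "${py:-not found}"
    if [ -n "$cli" ] && [ -n "$py" ] && ! same_openssl "$cli" "$py"; then
        echo 'MISMATCH: Python is linked against a different OpenSSL than the CLI'
    fi
}

report
```

Run it once outside and once inside the virtualenv (with PYTHON pointing at the virtualenv's interpreter) to see whether the environment picked up the newer library.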

Python is at 2.7.13 - maybe I should upgrade that. I guess I'll try this method.

  • deactivate
  • brew update && brew upgrade python
Already up-to-date.
Error: python not installed
>python
Python 2.7.10 (default, Feb  7 2017, 00:08:15)
  • paste in rest of long script, then do virtualenv <EXISTING_ENV_PATH> - seems to work
  • do source bin/activate then python get Python 2.7.10 (default, Feb 7 2017, 00:08:15)
  • do python puppet_ebooks.py - get prompt back, no error message, but no feedback at all....
  • check https://twitter.com/puppet_ebooks there's a fresh entry!

Back over to TweetBot page.

