-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clean install through pip fails with SSL/TLS issues #238
Comments
what python are you using? side note, users shouldn't rely on the presence of a package on test.pypi.org; that's only temporary location for the developers to test the packaging tools. |
I’m using the recommended 2.7.x. I understand the developer caveat – I just really need the FDK update (in particular to
|
it's probably this bug:
|
how did you install python then? |
A valid question. From the site, I think. You’re probably right about openssl, I’m trying to update that now – mixed results so far but I’ll update you. When I figure it out, might be a good item for the README/setup flow. |
users shouldn't need to mess with openssl and such. You just need a fairly recent version of python 2.7 (that links with the up-to-date openssl). |
also, check what version of |
and try running |
Python is the installer from python.org. pip is 9.0.1. The openssl import gives me |
that is weird. |
so you downloaded and installed the 2.7.14 python.org distribution, with default settings. When you do |
|
I just tried and am also seeing that. Investigating |
sorry it looks like a bug... https://bugs.python.org/issue17128 well, one way for you to fix this would be to use homebrew to install python2. Note that if you do that you have to call python as Homebrew links it with the most recent openssl, for sure. |
this is explained in the README of the mac python.org installers, if we care to read:
|
I really wish it would. Still fighting. I’m kinda lost here. I can’t imagine this problem will remain exclusive to me. |
doesn't it work? make sure you're actually calling the correct python2 and pip exectutables. |
Well, outrageously, the Homebrew Python 2 install didn’t set itself up on the PATH. I can’t figure out why or how, and frankly this is as far as I’ll go today with this bizarre set of issues. I downloaded the |
Okay, the stated command in the README works from |
Sorry about that, this is a bit out of our control... |
Thanks for debugging. One last question: the README says |
sorry, I was just passing by and got curious with the error. I'm not a afdko developer myself, and don't know how this was set up... good luck! 😁 |
this just worked for me (using homebrew python2 on macOS High Sierra): $ python2 -m virtualenv afdko-test
$ source afdko-test/bin/activate
$ pip install --extra-index-url https://pypi.org/simple --index-url https://test.pypi.org/simple afdko
$ which checkOutlinesUFO
/Users/clupo/afdko-test/bin/checkOutlinesUFO
$ checkOutlinesUFO --version
checkOutlinesUFO 2.0.0 |
Yeah, I get stuck at |
try uninstalling and reinstalling homebrew python2. the don't do it yourself, let homebrew do it. |
when you are outside a virtual environment, you call pip with the python interpreter followed by -m, e.g. python2 -m pip ... This is to be sure you are using the pip executables that is linked to that specific python interpreter. only when inside a virtualenv you can unconditionally do pip install ... without worrying that it's the correct pip. It must be if virtualenv is working, as it prepends its own |
I uninstalled and reinstalled, it says it’s pointing to the Python2 in |
After |
let's keep this issue open until we figure out a workaround for python.org installs or improve the docs. don't ever use easy_install, it's deprecated. You can and should use pip for everything. you don't need to call python as python2 from within the virtualenv. If you sourced the virtual environment properly, then you just call |
to recap
now we are inside, for as long as we do All this above must work, if it doesn't we have a problem. |
From scratch, this process does indeed work. Thanks a lot! We should probably recommend this process for any new installs. |
still, it's a pity that the afdko package be tied with any particular python distribution. The advantage of moving to a setup.py kind of installation was to free oneself from having to distribute its own python installation, and be treated like any other python library distributed via PyPI. I think the issue can be mitigated by the fact that the SSLError above with the official Python.org binary only happens when attempting to install from the test.pypi.org server. It doesn't happen when one pip installs from the regular pypi, does it? If so, then this is just a temporary issue which will go away once afdko is uploaded to the actual PyPI server, instead of the test one. |
In my search for answers to these issues, I found plenty of similar complaints about other packages. pypi.org is https, so it’s very well possible that this problem isn’t going away when we stop with the test server. |
Also, note that none of the instructions I gave above is anything special or related to the afdko or homebrew (well, of course, besides invoking |
I just tried to call |
they may be using a different certificate format which is unsupported on later OpenSSL versions, on the test server as opposed to the production one. |
All right, fair enough. Then my hands are off. |
@anthrotype Is it? I had no idea. What is it tied to? How can we remove that limitation? Sorry, it's not clear from reading the discussion above. |
I meant that before it used to bundle it’s own python. Let’s not force users to use a particular python now (eg homebrew’s) |
Ah, got it. |
http://pyfound.blogspot.in/2017/01/time-to-upgrade-your-python-tls-v12.html It's actually because of lack of TLS 1.2 support on old MacOS System Pythons. |
Also, pip 9.0.3 has a patch to use TLS 1.2 on affected systems. |
struggling with is issue too. what is the solution? can't code cuz cant use pip |
See the article 'time-to-upgrade-your-python-tls-v12.html' referenced by pradyunsg above. An alternative is to upgrade your Mac OS to High Sierra; the system python does then support TLS 1.2. It is unfortunate that PyPi and other organizations are being forced to switch over to using TLS 1.2, as it does mean that everyone who wants to use pip with Python 2.7 must either upgrade to High Sierra, or build and install the latest Python distribution. Well, time will make this steadily less of a problem. |
I think it should be enough to simply upgrade pip to 9.0.3. Did you try that? |
I managed to upgrade it with PS: I am on high sierra. |
I ran the following commands to resolve the issue
This upgraded pip to pip-9.0.3 and this version has no issues |
Yes, This's works!!! |
This could be a result of the recent TLS support deprecation by Python.org sites. Python.org sites have stopped supporting TLS v1.0 and v1.1. Need to upgrade |
|
Hi nextkitt; I assume you are posting this because installing the AFDKO failed for you. If this is correct, did you also try the last step in gitanumpam's post, of updating setup tools? 'pip install --upgrade setuptools'. |
I know this issue is closed but I had the same issue and with hours of research and attempting potential solutions nothing seemed to work. Ended up uninstalling and reinstalling Python and have not ran into this issue since, I highly suggest you try this. |
As recommended (and this should likely be in the README), I’m using a virtual environment. Running the command
pip install --extra-index-url https://pypi.org --index-url https://test.pypi.org/simple afdko
(even with the--trusted-host
flags), I however get an error that I can’t trace back reliably – I think I’m out of my depth on this one. I’ve pasted in the error I get. This is on macOS Sierra, relatively clean machine and, as said, in a new virtual environment for the express purpose of testing the new FDK.It isn’t a firewall issue as far as I can tell, as this happens both on our corporate network and from my tethered phone on 4G.
The text was updated successfully, but these errors were encountered: