New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
constant_time.py:26: CryptographyDeprecationWarning: Support for your Python version is deprecated. The next version of cryptography will remove support. Please upgrade to a 2.7.x release that supports hmac.compare_digest #6827
Comments
This Python 2.7 package you're using looks quite old. You need Python 2.7.7 or higher. The two options for you are:
|
@bmw can you please update the message to say |
Turns out this isn't coming from certbot. It's from pyca/cryptography -- I'll send a PR to them... |
@jsoref thanks! |
So, I think given that certbot really wants to manage its own python34 instead of using someone's scl python2.7.old, it should probably recognize that case and suggest people not use py27 on rhel6/centos. Based on my experience, one of two things will happen if a user tries to use certbot w/o scl-py27:
It seems reasonable for certbot to issue a warning pointing to a page that explains:
|
Thanks for submitting that PR @jsoref.
I'm not sure we really care what you use. People are should be able to use an up-to-date version of the Python 2.7 SCL packages without issues. If you are using older/other packages, you may get deprecation warnings like you saw here and perhaps eventually errors if we drop support for that version of Python, but I personally think this is the correct behavior rather than trying to special case this setup. If Certbot works with the version of Python you want to use, great, we should use it. If we don't or we are trying to move away from it, tell the user. We are not planning on deprecating Python 2.7 support at this time.
This seems like a separate issue. If you're able to provide instructions on how to reproduce it, we'd like to know so we can try and see that the problem is fixed. |
We've made a lot of changes to Certbot since this issue was opened. If you still have this issue with an up-to-date version of Certbot, can you please add a comment letting us know? This helps us to better see what issues are still affecting our users. If there is no activity in the next 30 days, this issue will be automatically closed. |
I know this is an old issue... but this issue is still present. Certbot will create virtual environment with a system version of python 2.7.6 (Ubuntu 14.04). Even if put python 2.7.17 in the path before it or if I create the I was running this with This is how I was able to "fix" the issue:
|
We've made a lot of changes to Certbot since this issue was opened. If you still have this issue with an up-to-date version of Certbot, can you please add a comment letting us know? This helps us to better see what issues are still affecting our users. If there is no activity in the next 30 days, this issue will be automatically closed. |
This issue has been closed due to lack of activity, but if you think it should be reopened, please open a new issue with a link to this one and we'll take a look. |
This was mentioned in #6824 (comment) but that issue was closed as being related to debian wheezy
My operating system is (include version):
CentOS release 6.10 (Final)
I installed Certbot with (certbot-auto, OS package manager, pip, etc):
certbot-auto using
scl enable python27 ...
I ran this command and it produced this output:
scl enable python27 /root/bin/scl-certbot-renew
/root/bin/scl-certbot-renew
:Certbot's behavior differed from what I expected because:
This package is part of the certbot venv and I shouldn't be getting scary warnings.
#3726 (comment) suggests filing a new issue.
Here is a Certbot log showing the issue (if available):
Logs are stored in
/var/log/letsencrypt
by default. Feel free to redact domains, e-mail and IP addresses as you see fit.Here is the relevant nginx server block or Apache virtualhost for the domain I am configuring:
The text was updated successfully, but these errors were encountered: