Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to fix OpenSSL error with AWS CLI IoT API?

Tags:

homebrew

aws-cli

I am trying to run the AWS CLI on a Mac. I am trying to read/write shadow state using the iot-data API. The command is actually working correctly, but it throws an OpenSSL/TLS error every time. 

$ aws iot-data get-thing-shadow --thing-name "my-thing-20160209" my-thing-20160209.json

/usr/local/Cellar/awscli/1.10.1/libexec/vendor/lib/python2.7/site-packages/botocore/handlers.py:574: UnsupportedTLSVersionWarning: Currently installed openssl version: OpenSSL 0.9.8zg 14 July 2015 does not support TLS 1.2, which is required for use of iot-data. Please use python installed with openssl version 1.0.1 or higher.
  UnsupportedTLSVersionWarning

Here is the AWS version.

aws-cli/1.10.1 Python/2.7.10 Darwin/14.5.0 botocore/1.3.23

As you can see, I used Homebrew to install all. OpenSSL and Python are linked correctly. I can find nothing on my system referencing OpenSSL 0.9.8zg, and Python loads the correct OpenSSL version.

$ python -c 'import ssl; print ssl.OPENSSL_VERSION'
OpenSSL 1.0.2f  28 Jan 2016

There is some indication that other factors may be triggering the error: https://forums.aws.amazon.com/thread.jspa?messageID=690051#690051

However, since I can actually retrieve shadow state the error must be due to something else.

Any ideas what could be causing this error?

UPDATED: 2016-09-15 Including Python info

$ head $(which aws)
#!/bin/bash
PYTHONPATH="/usr/local/Cellar/awscli/1.10.51/libexec/lib/python2.7/site-packages:/usr/local/Cellar/awscli/1.10.51/libexec/vendor/lib/python2.7/site-packages" exec "/usr/local/Cellar/awscli/1.10.51/libexec/bin/aws" "$@"
like image 838
jedatu Avatar asked Feb 18 '16 04:02

jedatu

1 Answers

Since OS X has its own python and openssl lib, it appears that awscli is referencing them instead of your brewed versions. I'd guess that (a) home-brew's sym links really aren't correct or (b) the home-brew python is not tied to the brewed openssl version (so the awscli picks up the system openssl lib, but when you manually import the lib, you get the more up to date version).

I'd update OpenSSL, force its links and re-install python like so: 

brew update
brew install openssl
brew link openssl --force 

brew install python --with-brewed-openssl
like image 144
gregory Avatar answered Oct 06 '22 01:10

gregory
Sign in to Comment

Related questions

How to brew uninstall postgres on OX Sierra
How to install homebrew on Ubuntu inside Docker container
Installed GNU grep on OSX, but can't use
brew update broke something?
brew install nginx fails to link
brew services list shows mysql running but cannot connect
error [email protected]: The engine "node" is incompatible with this module. when trying to create-react-app
How can I install php7.1 using brew in 2020
HomeBrew Mac os x 10.8 throwing errors "no such file to load"
Homebrew: brew doctor throwing up a lot of errors, how can I fix them? [closed]
Does PostgreSQL exist on OS X Mavericks?
Mac OS Sierra virtualenv (python 2.7) pip install mysqlclient error
Homebrew PHP 7.1 (macOS Sierra) Apache Syntax Error
How to install apache-spark 2.2.0 with homebrew on Mac
Library not loaded error after brew install php56
How to completely uninstall brew and re-install brew in ubuntu 19.04
Reinstalling homebrew symbolic links after a restore
How to update python 3.6 to 3.7 using Mac terminal

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!