I'm trying to connect to Stripe to setup payments. I have it working on my dev machine, but when I push to prod, I get the following SSL error:
Can't connect to HTTPS URL because the SSL module is not available.
Here are the details of my setup:
I've read multiple other SO answers that suggest reinstalling python, but to be sure to install dependencies first. That shouldn't be an issue when installing inside and anaconda environment should it? Shouldn't anaconda take care of all of the dependencies for me?
I have HTTPS enabled and working for the entire domain (all requests are routed to https). When I check my install, I do have openssl, and when I open a shell in my django environment, I can import and use the module without issue... so I'm not sure how to continue troubleshooting the issue.
Any help is much appreciated!
Also, heres a stack trace:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in urlopen
589. conn = self._get_conn(timeout=pool_timeout)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in _get_conn
251. return conn or self._new_conn()
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in _new_conn
827. raise SSLError("Can't connect to HTTPS URL because the SSL "
During handling of the above exception (Can't connect to HTTPS URL because the SSL module is not available.), another exception occurred:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/adapters.py" in send
440. timeout=timeout
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in urlopen
639. _stacktrace=sys.exc_info()[2])
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/util/retry.py" in increment
388. raise MaxRetryError(_pool, url, error or ResponseError(cause))
During handling of the above exception (HTTPSConnectionPool(host='api.stripe.com', port=443): Max retries exceeded with url: /v1/customers (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.",))), another exception occurred:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/http_client.py" in request
121. **kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/sessions.py" in request
508. resp = self.send(prep, **send_kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/sessions.py" in send
618. r = adapter.send(request, **kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/adapters.py" in send
506. raise SSLError(e, request=request)
During handling of the above exception (HTTPSConnectionPool(host='api.stripe.com', port=443): Max retries exceeded with url: /v1/customers (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.",))), another exception occurred:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/core/handlers/exception.py" in inner
41. response = get_response(request)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/core/handlers/base.py" in _get_response
187. response = self.process_exception_by_middleware(e, request)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/core/handlers/base.py" in _get_response
185. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/views/decorators/csrf.py" in wrapped_view
58. return view_func(*args, **kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/contrib/auth/decorators.py" in _wrapped_view
23. return view_func(request, *args, **kwargs)
File "/home/user/protectyourreviews/protectyourreviews/../payments/views.py" in stripe_test
35. source=token
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/resource.py" in create
467. response, api_key = requestor.request('post', url, params, headers)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/api_requestor.py" in request
150. method.lower(), url, params, headers)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/api_requestor.py" in request_raw
335. method, abs_url, headers, post_data)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/http_client.py" in request
139. self._handle_request_error(e)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/http_client.py" in _handle_request_error
159. raise error.APIConnectionError(msg)
Exception Type: APIConnectionError at /payments/test/stripe/
Exception Value: Unexpected error communicating with Stripe. If this problem persists,
let us know at [email protected].
(Network error: SSLError: HTTPSConnectionPool(host='api.stripe.com', port=443): Max retries exceeded with url: /v1/customers (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.",)))
Edit
After re-instaling mod_wsgi in a fresh python virtualenv, it's still trying to open the old anaconda path. I've changed the python-home and python-path directives in WSGIDaemonProcess, but no matter what I try, it's still trying to open python from the miniconda3 directory (which I've deleted).
Here's a trace from Apache error logs:
Current thread 0x00007f99f6769780 (most recent call first):
[Mon Aug 28 20:13:15.264466 2017] [core:notice] [pid 26528] AH00051: child pid 26775 exit signal Aborted (6), possible coredump in /etc/apache2
[Mon Aug 28 20:13:15.264608 2017] [core:notice] [pid 26528] AH00051: child pid 26776 exit signal Aborted (6), possible coredump in /etc/apache2
[Mon Aug 28 20:13:16.340556 2017] [wsgi:info] [pid 26789] mod_wsgi (pid=26789): Python home /home/user/miniconda3/envs/protectyourreviews.
[Mon Aug 28 20:13:16.341203 2017] [wsgi:warn] [pid 26789] (2)No such file or directory: mod_wsgi (pid=26789): Unable to stat Python home /home/user/miniconda3/envs/protectyourreviews. Python interpreter may not be a$
[Mon Aug 28 20:13:16.341357 2017] [wsgi:info] [pid 26789] mod_wsgi (pid=26789): Initializing Python.
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ImportError: No module named 'encodings'
Edit 2
Yes, I did start from a clean source directory. I copied the mod_wsgi tar file to the new directory and ran configure/make/make install in the new directory. I believe I also deleted the apache module files before the new install just in case.
I've tried multiple iterations of the below directives (both / only python-home / only python-path) but no matter what I try, I can't figure out why mod_wsgi keeps looking in the deleted miniconda3 folder. Is there some other config file that I'm forgetting about?
Here's my wsgi.load:
LoadModule wsgi_module /usr/lib/apache2/modules/mod_wsgi.so
Here are my Apache2 directives (where pyr_env is my new Python virtualenv folder):
WSGIDaemonProcess protectyourreviews python-home=/home/user/pyr_env/ python-path=/home/user/protectyourreviews
WSGIProcessGroup protectyourreviews
WSGIScriptAlias / /home/user/protectyourreviews/zz_test/test.wsgi
<Directory /home/user/protectyourreviews/zz_test>
<Files test.wsgi>
Require all granted
</Files>
</Directory>
Edit 3
I followed the instructions you suggested in the docs, and the output follows.
Here's the output of ldd:
$ ldd /usr/lib/apache2/modules/mod_wsgi.so
linux-vdso.so.1 => (0x00007fffad973000)
libpython3.5m.so.1.0 => /usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 (0x00007f05b8c02000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f05b89e5000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f05b861a000)
libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f05b83f1000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f05b81d7000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f05b7fd2000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f05b7dcf000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f05b7ac6000)
/lib64/ld-linux-x86-64.so.2 (0x0000558bed982000)
And here's the output after unsetting LD_LIBRARY_PATH:
$ unset LD_LIBRARY_PATH
$ ldd /usr/lib/apache2/modules/mod_wsgi.so
linux-vdso.so.1 => (0x00007ffd91bd2000)
libpython3.5m.so.1.0 => /usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 (0x00007f8bec8a6000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f8bec689000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8bec2be000)
libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f8bec095000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f8bebe7b000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f8bebc76000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f8beba73000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f8beb76a000)
/lib64/ld-linux-x86-64.so.2 (0x000055e8861a5000)
I made sure permissions are set correctly on the virtual environment folder, and also recompiled again to be absolutely sure I have the correct version. Here's all input and output from the process:
#----CHANGE PERMISSIONS OF VIRTUAL ENVIRONMENT
$ sudo chgrp -R www-data /home/user/pyr_env/
$ sudo chmod -R g+rwx /home/user/pyr_env/
#----DELETE OLD FOLDER
$ rm -r mod_wsgi-4.5.17/
#----START FRESH WITH CONFIG/MAKE/INSTALL
$ tar xvfz 4.5.17.tar.gz
$ cd mod_wsgi-4.5.17/
$ ./configure --with-python=/usr/bin/python3
$ make
$ sudo make install
/usr/bin/apxs2 -i -S LIBEXECDIR=/usr/lib/apache2/modules -n 'mod_wsgi' src/server/mod_wsgi.la
/usr/share/apache2/build/instdso.sh SH_LIBTOOL='/usr/share/apr-1.0/build/libtool' src/server/mod_wsgi.la /usr/lib/apache2/modules
/usr/share/apr-1.0/build/libtool --mode=install install src/server/mod_wsgi.la /usr/lib/apache2/modules/
libtool: install: install src/server/.libs/mod_wsgi.so /usr/lib/apache2/modules/mod_wsgi.so
libtool: install: install src/server/.libs/mod_wsgi.lai /usr/lib/apache2/modules/mod_wsgi.la
libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/sbin" ldconfig -n /usr/lib/apache2/modules
----------------------------------------------------------------------
Libraries have been installed in:
/usr/lib/apache2/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 644 /usr/lib/apache2/modules/mod_wsgi.so
#----OUTPUT OF LDD
$ ldd /usr/lib/apache2/modules/mod_wsgi.so
linux-vdso.so.1 => (0x00007ffcfb9a9000)
libpython3.5m.so.1.0 => /usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 (0x00007f19ae26f000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f19ae052000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f19adc87000)
libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f19ada5e000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f19ad844000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f19ad63f000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f19ad43c000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f19ad133000)
/lib64/ld-linux-x86-64.so.2 (0x000055aa1cb7a000)
#----RESTART APACHE
$ sudo apache2ctl restart
Unfortunately I'm seeing the exact same errors in Apache. Here's apache2/error.log:
Current thread 0x00007fb350fee780 (most recent call first):
[Wed Aug 30 14:13:08.130076 2017] [core:notice] [pid 9754] AH00051: child pid 28636 exit signal Aborted (6), possible coredump in /etc/apache2
[Wed Aug 30 14:13:08.130179 2017] [core:error] [pid 9754] AH00546: no record of generation 0 of exiting child 28636
[Wed Aug 30 14:13:08.130833 2017] [wsgi:info] [pid 28639] mod_wsgi (pid=28639): Python home /home/user/miniconda3/envs/protectyourreviews.
[Wed Aug 30 14:13:08.130907 2017] [wsgi:warn] [pid 28639] (2)No such file or directory: mod_wsgi (pid=28639): Unable to stat Python home /home/user/minico$
[Wed Aug 30 14:13:08.130992 2017] [wsgi:info] [pid 28639] mod_wsgi (pid=28639): Initializing Python.
[Wed Aug 30 14:13:08.131665 2017] [wsgi:info] [pid 28638] mod_wsgi (pid=28638): Python home /home/user/miniconda3/envs/protectyourreviews.
[Wed Aug 30 14:13:08.131716 2017] [wsgi:warn] [pid 28638] (2)No such file or directory: mod_wsgi (pid=28638): Unable to stat Python home /home/user/minico$
[Wed Aug 30 14:13:08.131782 2017] [wsgi:info] [pid 28638] mod_wsgi (pid=28638): Initializing Python.
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ImportError: No module named 'encodings'
It's still trying to open the miniconda folder that was deleted...
Can't connect to HTTPS URL because the SSL module is not available. I've read multiple other SO answers that suggest reinstalling python, but to be sure to install dependencies first. That shouldn't be an issue when installing inside and anaconda environment should it? Shouldn't anaconda take care of all of the dependencies for me?
The error states that the SSL python module is not available; meaning you either don't have an appropriate ssl lib installed (probably not since you state the system python can pip install fine), or the python you built from source or otherwise installed doesn't include the ssl module.
pip is configured with locations that require TLS/SSL, however the ssl module in Python is not available.
When the Python ssl module is imported by your application, it inherits the already loaded system SSL libraries, which are different to what the ssl module was compiled for and expects, thus it fails. So the issue is caused by Anaconda Python ignoring the system SSL libraries and using its own.
The problem is that Anaconda Python ships with its own SSL libraries and does not use the system SSL libraries when compiling the Python ssl module. The mod_ssl module in Apache is using the system libraries.
So if you enable mod_ssl in Apache, it pulls in the system SSL libraries. When the Python ssl module is imported by your application, it inherits the already loaded system SSL libraries, which are different to what the ssl module was compiled for and expects, thus it fails.
So the issue is caused by Anaconda Python ignoring the system SSL libraries and using its own.
The only solution is to use the system Python version and not Anaconda Python, or run your WSGI application using mod_wsgi-express behind your main Apache installation which would only act as termination point for SSL and then proxy to the mod_wsgi-express instance.
Unless you have a specific requirement, is better to use the system Python version and not Anaconda Python.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With