I have a Dropbox upload script on an old nas box I have, recently I've been getting the following error
SSL certificate error: [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm
I think this is due to openssl being out of date on the box
So I download openssl, built it from source and installed it, now when I run the following it appears to be updated correctly.
openssl version
OpenSSL 1.0.1h 5 Jun 2014
But it would appear Python is still referencing an old version, how would I update this?
python -c "import ssl; print ssl.OPENSSL_VERSION"
OpenSSL 0.9.7m 23 Feb 2007
Currently Python versions 3.6 to 3.9 are compatible with OpenSSL 1.0. 2, 1.1. 0, and 1.1.
Socket creation The helper functions create_default_context() returns a new context with secure default settings. The old wrap_socket() function is deprecated since it is both inefficient and has no support for server name indication (SNI) and hostname matching.
Simple HTTPS Server using Python Also on Windows, go to https://indy.fulgan.com/SSL/openssl-1.0.2t-x64_86-win64.zip, and unzip. Afterwards on both Windows and Linux, type this command and hit enter. (This is the only command you need in Linux, but you need to do previous steps in Windows.) Copy created key.
By default, the Python ssl module uses the system CA certificate bundle - /etc/pki/tls/certs/ca-bundle.
Got this working after several days. MAC OS X El Captian or greater
sudo rm -rf /Library/Frameworks/Python.framework/Versions/2.7
sudo rm -rf "/Applications/Python 2.7"
cd /usr/local/bin/
ls -l /usr/local/bin | grep '../Library/Frameworks/Python.framework/Versions/2.7' | awk '{print $9}' | tr -d @ | xargs rm
brew uninstall python
brew uninstall openssl
brew link --force openssl
Now install python and openssl again using brew.
brew install openssl
brew install python --with-brewed-openssl
Add the following to the PATH in ~/.bash_profile on your MAC
vi ~/.bash_profile
export PATH=/usr/local/opt/openssl/bin:/usr/local/opt/python/libexec/bin:$PATH
restart the terminal
python --version (verify if it is picking up the right version)
openssl version -a (verify if it is picking up the right version)
python -c "import ssl; print ssl.OPENSSL_VERSION"
(note: if you installed Python3, you'll have to update the print
syntax in the inline compiler step)
python -c "import ssl; print(ssl.OPENSSL_VERSION)"
should give you the latest version OPEN SSL version
2018 on MacOS
I tried with the other answers without success:
--with-brewed-openssl
option gives Warning: python: this formula has no --with-brewed-openssl option so it will be ignored!
brew link openssl --force
gives Warning: Refusing to link: openssl
I got it working with
brew install openssl
brew install python@2
Then
openssl version
and
python -c "import ssl; print ssl.OPENSSL_VERSION"
gave me the same OpenSSL version.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With