I am trying to get a Kilo OpenStack cloud deployed and I was getting this error:
Execution of '/usr/bin/openstack token issue --format value' returned 1: /usr/lib/python2.7/site-packages/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see
So I go to: https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning
I find out that I do not have access to a python version better than 2.7.5 so I look at:
https://urllib3.readthedocs.org/en/latest/security.html#pyopenssl
So do what they recommend I do ...
# pip install pyopenssl ndg-httpsclient pyasn1
/usr/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
You are using pip version 7.1.0, however version 7.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Requirement already satisfied (use --upgrade to upgrade): pyopenssl in /usr/lib64/python2.7/site-packages
Collecting ndg-httpsclient
/usr/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Downloading ndg_httpsclient-0.4.0.tar.gz
Requirement already satisfied (use --upgrade to upgrade): pyasn1 in /usr/lib/python2.7/site-packages
Installing collected packages: ndg-httpsclient
Running setup.py install for ndg-httpsclient
Successfully installed ndg-httpsclient-0.4.0
The docs also say this:
Once the packages are installed, you can tell urllib3 to switch the ssl backend to PyOpenSSL with inject_into_urllib3():
import urllib3.contrib.pyopenssl urllib3.contrib.pyopenssl.inject_into_urllib3() Now you can continue using urllib3 as you normally would.
I do not understand what that means? Is there some python source code I need to go patch?
Update:
I did as suggested by Josep and this is what is happening:
# python
Python 2.7.5 (default, Jun 24 2015, 00:41:19)
[GCC 4.8.3 20140911 (Red Hat 4.8.3-9)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import urllib3
>>> import pyopenssl
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ImportError: No module named pyopenssl
Yet I have pyopenssl installed ...
# pip install pyopenssl
Requirement already satisfied (use --upgrade to upgrade): pyopenssl in /usr/lib64/python2.7/site-packages
UPDATE:
Here's what happens if I do this ...
# python
Python 2.7.5 (default, Jun 24 2015, 00:41:19)
[GCC 4.8.3 20140911 (Red Hat 4.8.3-9)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import OpenSSL
>>> import urllib3
>>> import urllib3.contrib.pyopenssl as pyopenssl
>>> pyopenssl.inject_into_urllib3()
>>>
I understand that you are using OpenStack which uses urllib3. So yes, if you want to go that avenue and "patch" OpenStack, look for something like import .*urllib3.* or from urllib3 import .* and after every instance add the two lines they instruct you to add.