We don't state a dependency on M2Crypto in requirements.txt, and it creates a transitive dependency on a compatible version of OpenSSL being installed too, so it'd make this script more portable if we used cryptography.io instead (we started migrating to that with PR #953).
We don't state a dependency on M2Crypto in requirements.txt, and it creates a transitive dependency on a compatible version of OpenSSL being installed too, so it'd make this script more portable if we used cryptography.io instead (we started migrating to that with PR #953).