Closed tba-apps closed 11 years ago
Can you paste the full log /Users/tba/.pip/pip.log
please?
Same error here on OSX 10.6.8 . Seems to be SSL related.
here's the full log:
------------------------------------------------------------
/Library/Frameworks/Python.framework/Versions/Current/bin/pip run on Fri Mar 8 12:44:05 2013
Downloading/unpacking cato
Getting page https://pypi.python.org/simple/cato/
Could not fetch URL https://pypi.python.org/simple/cato/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/cato/ when looking for download links for cato
Getting page https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ when looking for download links for cato
Cannot fetch index base URL https://pypi.python.org/simple/
URLs to search for versions for cato:
* https://pypi.python.org/simple/cato/
Getting page https://pypi.python.org/simple/cato/
Could not fetch URL https://pypi.python.org/simple/cato/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/cato/ when looking for download links for cato
Could not find any downloads that satisfy the requirement cato
No distributions at all found for cato
Exception information:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/basecommand.py", line 139, in main
status = self.run(options, args)
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/commands/install.py", line 266, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/req.py", line 1026, in prepare_files
url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/index.py", line 171, in find_requirement
raise DistributionNotFound('No distributions at all found for %s' % req)
DistributionNotFound: No distributions at all found for cato
Can you run with -v so we get the actual SSL error?
there's no more info to be had with -v
.
(if you're in github, scroll over to the right)
here's the detail:
<urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
just noticed vinay has some extra logic related to ssl versioning in distlib (@vsajip) maybe we need that?
Oops missed that.
What version of openssl? (python -c "import ssl; print ssl.OPENSSL_VERSION"
).
fwiw, on a mac that's not failing: OpenSSL 0.9.8r 8 Feb 2011
to be clear, distlib's extra logic is related to python version and ssl protocol version. this issue just may require an openssl client library upgrade (or recompile) for certain OSX users.
SSL v2 is known to be insecure, pretty sure PyPI itself disables it but for non PyPI indexes it might be useful for pip to do the same.
Shouldn't be related to the issue at hand though.
opened #832 regarding @dstufft comment about restricting the ssl protocol version
@dstufft Here is my openssl version:
tba:~$ python -c "import ssl; print ssl.OPENSSL_VERSION"
OpenSSL 0.9.7l 28 Sep 2006
Here is the output with -v:
tba:~$ pip install -Uv pip
Could not fetch URL https://pypi.python.org/simple/pip/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/pip/ when looking for download links for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ when looking for download links for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Cannot fetch index base URL https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/pip/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/pip/ when looking for download links for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Could not find any downloads that satisfy the requirement pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Downloading/unpacking pip
No distributions at all found for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Exception information:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/basecommand.py", line 139, in main
status = self.run(options, args)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/commands/install.py", line 266, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/req.py", line 1025, in prepare_files
raise not_found
DistributionNotFound: No distributions at all found for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Storing complete log in /Users/tba/.pip/pip.log
Here is the complete log:
tba:~$ cat ~/.pip/pip.log
------------------------------------------------------------
/Library/Frameworks/Python.framework/Versions/2.7/bin/pip run on Fri Mar 8 10:55:12 2013
Getting page https://pypi.python.org/simple/pip/
Could not fetch URL https://pypi.python.org/simple/pip/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/pip/ when looking for download links for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Getting page https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ when looking for download links for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Cannot fetch index base URL https://pypi.python.org/simple/
URLs to search for versions for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg:
* https://pypi.python.org/simple/pip/
Getting page https://pypi.python.org/simple/pip/
Could not fetch URL https://pypi.python.org/simple/pip/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:499: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/pip/ when looking for download links for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Could not find any downloads that satisfy the requirement pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Downloading/unpacking pip
No distributions at all found for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
Exception information:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/basecommand.py", line 139, in main
status = self.run(options, args)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/commands/install.py", line 266, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/req.py", line 1025, in prepare_files
raise not_found
DistributionNotFound: No distributions at all found for pip in /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg
tba:~$
@tba-apps I don't know much about the OSX macport, homebrew stuff, but can you try an openssl upgrade?
I was using ActivePython 2.7.2.5 and getting the same error. I switched to a fully brew distribution and now it's working. It doesn't solve the bug, but solved my problem...
brew update
brew install openssl
brew install python --with-brewed-openssl
brew linkapps
And set these vars:
PATH=$(brew --prefix)/share/python:$(brew --prefix)/share/python/bin:$(brew --prefix)/share/python/sbin:$PATH
PYTHONPATH=$(brew --prefix)/lib/python2.7/site-packages:$PYTHONPATH
Check your pip path with which pip
, it must be the one in /usr/local/share/python.
Then:
pip install --upgrade distribute
pip install --upgrade pip
Now I'm able to use pip again.
I wonder if this is an ActivePython issue then.
Probably. Before this setup Python was linked against OpenSSL 0.9.7l 28 Sep 2006 and now it's OpenSSL 1.0.1c 10 May 2012.
I wasn't able to test against the native Mac OS Python though.
Same problem here on Windows 7 with Python 2.7.3 while trying to install any package... I found this problem after upgrading to pip 1.3.1...
@matino please can you include a log or a link to a gist of a log produced with a run with -v.
Hi, here it is (result of pip install -Uv django) https://gist.github.com/matino/5143458
So your error is
/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed>
I can see that the problem may be with the network. On my company network I get the error, but when I switch to 3g it works... 1.2.1 works as expected on both networks though...
btw, our automated testing for windows includes py27 on 2008 server. http://jenkins.qwcode.com/job/pip_win_27/
I get this same error when I try to use the pip generated when I set up a virtualenv, but natively, pip works fine. My OpenSSL version is also OpenSSL 0.9.7l 28 Sep 2006.
@tduskin, is your global pip actually an older version that doesn't use SSL?
run pip --version
I'm using pip 1.3.1.
pip 1.3.1 from /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages (python 2.7)
Switching to brew Python as mentioned by @ulyssesv fixed the issue for me.
Upgrading to Python 2.7.3 (available from http://www.python.org/download/releases/2.7.3/) solved this issue for me. I am now able to use pip in my virtualenv.
I'm seeing this same issue on OS/X 10.8.2 with Python 2.6.6.
The Python build is the OS/X framework one from python.org
/Library/Frameworks/Python.framework/Versions/2.6/bin/python2.6
The OpenSSL version is OpenSSL 0.9.8r 8 Feb 2011
In my case this is happening in a tox
run that tests the package under 2.6, 2.7, 3.2, and 3.3. The failure only happens under 2.6, and only started happening yesterday after I upgraded virtualenv
and pip
in the environment to:
$ virtualenv --version
1.9.1
and
$ pip --version
pip 1.3.1 from /Users/doug/.virtualenvs/blogofile-dev-3.2/lib/python3.2/site-packages (python 3.2)
pip log from the failure:
------------------------------------------------------------
../bin/pip run on Fri Mar 15 21:03:40 2013
Unpacking /Users/doug/.tox/distshare/Blogofile-0.8b1.zip
Running setup.py egg_info for package from file:///Users/doug/.tox/distshare/Blogofile-0.8b1.zip
running egg_info
creating pip-egg-info/Blogofile.egg-info
writing requirements to pip-egg-info/Blogofile.egg-info/requires.txt
writing pip-egg-info/Blogofile.egg-info/PKG-INFO
writing top-level names to pip-egg-info/Blogofile.egg-info/top_level.txt
writing dependency_links to pip-egg-info/Blogofile.egg-info/dependency_links.txt
writing entry points to pip-egg-info/Blogofile.egg-info/entry_points.txt
writing manifest file 'pip-egg-info/Blogofile.egg-info/SOURCES.txt'
warning: manifest_maker: standard file '-c' not found
reading manifest file 'pip-egg-info/Blogofile.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'pip-egg-info/Blogofile.egg-info/SOURCES.txt'
Source in /var/folders/4x/5r9809nn4dg6jql9768bm6dc0000gn/T/pip-dLVbFI-build has version 0.8b1, which satisfies requirement Blogofile==0.8b1 from file:///Users/doug/.tox/distshare/Blogofile-0.8b1.zip
Downloading/unpacking discover
Getting page https://pypi.python.org/simple/discover/
Could not fetch URL https://pypi.python.org/simple/discover/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:490: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/discover/ when looking for download links for discover
Getting page https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:490: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ when looking for download links for discover
Cannot fetch index base URL https://pypi.python.org/simple/
URLs to search for versions for discover:
* https://pypi.python.org/simple/discover/
Getting page https://pypi.python.org/simple/discover/
Could not fetch URL https://pypi.python.org/simple/discover/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:490: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/discover/ when looking for download links for discover
Could not find any downloads that satisfy the requirement discover
No distributions at all found for discover
Exception information:
Traceback (most recent call last):
File "/Users/doug/Documents/devel/python/blogofile_blog-dev/.tox/py26/lib/python2.6/site-packages/pip-1.3.1-py2.6.egg/pip/basecommand.py", line 139, in main
status = self.run(options, args)
File "/Users/doug/Documents/devel/python/blogofile_blog-dev/.tox/py26/lib/python2.6/site-packages/pip-1.3.1-py2.6.egg/pip/commands/install.py", line 266, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/Users/doug/Documents/devel/python/blogofile_blog-dev/.tox/py26/lib/python2.6/site-packages/pip-1.3.1-py2.6.egg/pip/req.py", line 1026, in prepare_files
url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
File "/Users/doug/Documents/devel/python/blogofile_blog-dev/.tox/py26/lib/python2.6/site-packages/pip-1.3.1-py2.6.egg/pip/index.py", line 171, in find_requirement
raise DistributionNotFound('No distributions at all found for %s' % req)
DistributionNotFound: No distributions at all found for discover
The error is:
Could not fetch URL https://pypi.python.org/simple/discover/: There was a problem confirming the ssl certificate:
<urlopen error [Errno 1] _ssl.c:490: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown
message digest algorithm>
But PyPI certificate (which is *.python.org) uses SHA1 as message digest. It's weird that anything would not support it, even if a few years old.
I tried reproducing it with this setup:
And I cannot reproduce it. If I created a virtualenv with Python 2.6 (using virtualenv -p python2.6
), and then run pip to install any package, it is able to correctly connect to PyPI and download it without any SSL warning.
It looks like the only difference is that you're using Python 2.6 from python.org. Can you please try whether using the system Python 2.6 fixes it?
For what it's worth, I'm seeing the same error on
when I use the Python 2.7.3 that comes in EPD 7.3-2 in a virtualenv. I don't see the error using that same python outside of a virtualenv or using the system python 2.7.2.
Same problem here, without virtualenv.
My setting is a vanilla install from EPD. The steps to reproduce the error, on Mac OS X 10.8.2 are
easy_install pip
pip install --upgrade ipython
You will get the same error as everyone else:
/Library/Frameworks/Python.framework/Versions/7.3/bin/pip run on Wed Mar 20 10:58:59 2013
Getting page https://pypi.python.org/simple/ipython/
Could not fetch URL https://pypi.python.org/simple/ipython/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ipython/ when looking for download links for ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages
Getting page https://pypi.python.org/simple/
Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ when looking for download links for ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages
Cannot fetch index base URL https://pypi.python.org/simple/
URLs to search for versions for ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages:
* https://pypi.python.org/simple/ipython/
Getting page https://pypi.python.org/simple/ipython/
Could not fetch URL https://pypi.python.org/simple/ipython/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm>
Will skip URL https://pypi.python.org/simple/ipython/ when looking for download links for ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages
Could not find any downloads that satisfy the requirement ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages
Downloading/unpacking ipython
No distributions at all found for ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages
Exception information:
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/basecommand.py", line 139, in main
status = self.run(options, args)
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/commands/install.py", line 266, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg/pip/req.py", line 1025, in prepare_files
raise not_found
DistributionNotFound: No distributions at all found for ipython in /Library/Frameworks/Python.framework/Versions/7.3/lib/python2.7/site-packages
For what it's worth, my problem was asked, and fixed, on SO: http://stackoverflow.com/questions/15441224/can-i-relink-enthought-python-to-new-version-of-openssl-on-mac-os-x
The solution is simply to downgrade pip with
easy_install pip==1.2.1
@rasky I tried with a virtualenv based on the OS/X 10.8.2 system Python 2.6.7 as you requested, and I get the same result that you do - pip 1.3.1 installs packages without difficulty.
So, it would seem that the problem lies in the linkage of the installed OpenSSL library to the python.org Python 2.6.6 framework.
I have the same problem (no virtualenv) on archlinux ARM (running on the raspberry py). pip version: 1.3.1
I have the same issue on python 2.6.6 OSX 10.6.8. Upgraded pip/distribute. Going to try reinstalling 2.6 and see if it fixes.
Downgrading to an older version of pip was the only thing I found that solved this. Did pypi change their certs or something?
@hivelocity ssl cert support is new in pip-1.3.1. many osx users have fixed this by getting to a python distribution that's linked against a newer openssl lib.
Same problem on pip 1.3.1(python 2.7.3) in Tomato enable router . Solved by downgrading pip to 1.2.1.
FWIW, I am seeing this on a windows machine. Python 2.6.2, virtualenv 1.9.1 (which installs pip 1.3.1)
@dubois , can you report the text of your ssl error, also python -c "import ssl; print ssl.OPENSSL_VERSION"
, thanks.
Could not fetch URL https://pypi.python.org/simple/South/: There was a problem confirming the ssl certificate:
<urlopen error [Errno 1] _ssl.c:480: error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm>
I forgot to mention earlier that the failing computer uses ActivePython 2.6.2.2, not a stock python.org build. OPENSSL_VERSION is a 2.7 feature, but "strings _ssl.pyd" shows "OpenSSL 0.9.8k 25 Mar 2009".
Additionally, I can confirm that (in Win32) upgrading to ActivePython 2.6.7.20 fixes the problem. Its_ssl.pyd uses OpenSSL 0.9.8r 8 Feb 2011. I believe ActiveState is a little more aggressive about updating OpenSSL in their builds, so YMMV if using a python.org build.
thanks @dubois. just updated the description to more relevant to OSX and windows users.
@olivierverdier I tried different solutions proposed in this page, but yours was the one that work for me. I had to downgrade Pip:
easy_install pip==1.2.1
Hi, I would like to download nltk package for python and always get an error message saying that there is a problem confirming the ssl certificate. I'd really appreciate it if you could recommend me a solution to my problem :) here is the log:
Last login: Sun Apr 21 12:52:49 on ttys000 macbook-macbook-demo-2:~ MacBookDemo$ python -V Python 2.7.4 macbook-macbook-demo-2:~ MacBookDemo$ sudo sh /Users/MacBookDemo/Downloads/setuptools-0.6c11-py2.7.egg Password: NProcessing setuptools-0.6c11-py2.7.egg Removing /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/setuptools-0.6c11-py2.7.egg Copying setuptools-0.6c11-py2.7.egg to /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages setuptools 0.6c11 is already the active version in easy-install.pth Installing easy_install script to /Library/Frameworks/Python.framework/Versions/2.7/bin Installing easy_install-2.7 script to /Library/Frameworks/Python.framework/Versions/2.7/bin
Installed /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/setuptools-0.6c11-py2.7.egg Processing dependencies for setuptools==0.6c11 Finished processing dependencies for setuptools==0.6c11 macbook-macbook-demo-2:~ MacBookDemo$ macbook-macbook-demo-2:~ MacBookDemo$ sudo easy_install pip Searching for pip Best match: pip 1.3.1 Processing pip-1.3.1-py2.7.egg pip 1.3.1 is already the active version in easy-install.pth Installing pip script to /Library/Frameworks/Python.framework/Versions/2.7/bin Installing pip-2.7 script to /Library/Frameworks/Python.framework/Versions/2.7/bin
Using /Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg Processing dependencies for pip Finished processing dependencies for pip macbook-macbook-demo-2:~ MacBookDemo$ sudo pip install -U numpy Downloading/unpacking numpy Could not fetch URL https://pypi.python.org/simple/numpy/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm> Will skip URL https://pypi.python.org/simple/numpy/ when looking for download links for numpy Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm> Will skip URL https://pypi.python.org/simple/ when looking for download links for numpy Cannot fetch index base URL https://pypi.python.org/simple/ Could not fetch URL https://pypi.python.org/simple/numpy/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm> Will skip URL https://pypi.python.org/simple/numpy/ when looking for download links for numpy Could not find any downloads that satisfy the requirement numpy No distributions at all found for numpy Storing complete log in /Users/MacBookDemo/.pip/pip.log macbook-macbook-demo-2:~ MacBookDemo$ sudo pip install -U pyyaml nltk Downloading/unpacking pyyaml Could not fetch URL https://pypi.python.org/simple/pyyaml/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm> Will skip URL https://pypi.python.org/simple/pyyaml/ when looking for download links for pyyaml Could not fetch URL https://pypi.python.org/simple/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm> Will skip URL https://pypi.python.org/simple/ when looking for download links for pyyaml Cannot fetch index base URL https://pypi.python.org/simple/ Could not fetch URL https://pypi.python.org/simple/pyyaml/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm> Will skip URL https://pypi.python.org/simple/pyyaml/ when looking for download links for pyyaml Could not find any downloads that satisfy the requirement pyyaml No distributions at all found for pyyaml Storing complete log in /Users/MacBookDemo/.pip/pip.log macbook-macbook-demo-2:~ MacBookDemo$
I had the same problem with pip on a Beagle Bone Black with
root@beaglebone:~# cat /proc/version Linux version 3.8.13 (koen@rrMBP) (gcc version 4.7.3 20130205 (prerelease) (Linaro GCC 4.7-2013.02-01) ) #1 SMP Mon May 13 08:43:47 CEST 2013
root@beaglebone:~# pip --version pip 1.3.1 from /usr/lib/python2.7/site-packages/pip-1.3.1-py2.7.egg (python 2.7)
pip install pyFirmata Downloading/unpacking pyFirmata Could not fetch URL https://pypi.python.org/simple/pyFirmata/: There was a problem confirming the ssl certificate: <urlopen error [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_C
The problem was solved by downgrading to root@beaglebone:~# pip --version pip 1.2.1 from /usr/lib/python2.7/site-packages/pip-1.2.1-py2.7.egg (python 2.7)
Hope it will be solved in new versions.
Thanks for the help.
Jacques
@JacquesBBB at this time, there are no plans to make in changes in pip for this. from the description: "there are currently no plans to offer a fix for this other than to recommend people to use a python that is linked to a more recent version of openssl."
@qwcode I just downgraded my pip from 1.3.1 to 1.2.1 to fix this issue.
I think it should check my version of openssl linked to python when I install pip.
This applies also to FC 17 too - on Linux. I have downgraded to 1.2.1. Perhaps 1.3.1 should no longer be recommended until this is fixed - it afflicts more than one of the boxes I work with.
Downgrading to pip 1.2 means you're downloading packages with zero authentication and then executing the code inside of them. I hope for your sake your computer is never on a malicious network because it's absolutely trivial for an attacker to pwn your box if you're using 1.2.
If this is affecting boxes you're working with it is imperative that you install using pip 1.3+. Doing otherwise is highly insecure.
Which linux distro's and mac sidekick distro's actually have a compliant Python 2.7.x binary in them? I can understand the need for security - but right now it is effectively broken for people who aren't downloading the build tools and recompiling their own python. It may seem lazy not to want to do so - but I've not needed to merely to use pip packaging before.
It works fine with Homebew Python on OSX and Ubuntu 12.04 LTS. I don't have other distributions handy to take a look to build some compatibility matrix. I don't mean to be dismissive but if the distribution you're using provides a openssl that doesn't work with SSL certs w/ sha1 they are shipping an insecure openssl afaik. Using MD5 digests for SSL certificates are vulnerable to collision attacks.
OSX and Windows users on pythons linked to an older openssl version (e.g. "OpenSSL 0.9.7l 28 Sep 2006" on OSX and "OpenSSL 0.9.8k 25 Mar 2009" on windows) get an error like the following when pip installs from pypi.
to determine your openssl version, run
python -c "import ssl; print ssl.OPENSSL_VERSION"
there are currently no plans to offer a fix for this other than to recommend people to use a python that is linked to a more recent version of openssl.