Vagrant Up: InsecurePlatformWarning - python

I'm trying to do vagrant up but keep running into this error:
==> default: IOError: [Errno 13] Permission denied: '/usr/local/lib/python2.7/dist-packages/_billiard.so'
==> default: /usr/local/lib/python2.7/dist-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
==> default: InsecurePlatformWarning
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
I did install urllib3[secure] and built cryptography as the documentation says, but no luck with that.
Working from Ubuntu 16.04
Vagrant version --> 1.9.3
Just in case, VirtualBox version --> 5.1.20r114628
Also i'd rather avoid doing sudo vagrant up as I have read several times it is not recommended. I'm fairly new to this and don't want to mess up a lot.
UPDATE: i have already tried installing requests[security] as I read on a similar thread, but did not solve the issue...
UPDATE: also tried following this thread -->
InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately but not working either

Try upgrade python modules
sudo pip install pyOpenSSL cryptography idna certifi --upgrade
sudo pip install urllib3[secure] --upgrade
sudo pip install requests[security] --upgrade

Related

Can't upgrade pip 1.5.4 on Ubuntu 14.04 - InsecurePlatformWarning: A true SSLContext object is not available

I am currently running pip, version 1.5.4 on Ubuntu 14.04, and python 2.7.6 and cannot upgrade pip to the latest version.
When I run pip install --upgrade pip I get the following error:
Cannot fetch index base URL https://pypi.python.org/simple/
Could not find any downloads that satisfy the requirement pip in ./.venv/lib/python2.7/site-packages
Downloading/unpacking pip
Cleaning up...
No distributions at all found for pip in ./.venv/lib/python2.7/site-packages
Storing debug log for failure in /home/buffcat/.pip/pip.log
And when I try to upgrade using get-pip.py I get the following ssl error:
/tmp/tmpKVfWOr/pip.zip/pip/_vendor/urllib3/util/ssl_.py:369: SNIMissingWarning: An HTTPS request has been made, but the SNI (Server Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
/tmp/tmpKVfWOr/pip.zip/pip/_vendor/urllib3/util/ssl_.py:160: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '_ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed'),)': /simple/pip/
What can I do to upgrade pip on my machine?
While it is not recommended to upgrade Ubuntu system pip (the one from the Ubuntu distribution-supplied python-pip debian package) bypassing apt-get, it is acceptable to do so in a venv/virtualenv or at your user home dir level (the --user pip option). This way allows to use it without conflicting with "system" pip. It seems you were working inside a virtualenv, which is a good practice.
The SSLError is caused by the fact that your system's underlying OpenSSL library version<1.0.1 and Python version<2.7.9 do not support the newer TLS protocol version 1.2 that PyPI expects since about a year ago. And so pip cannot connect to PyPI over the older SSL/TLS protocols any longer.
You can check the versions with:
$ python -c "import ssl; print(ssl.OPENSSL_VERSION)" && openssl version
The error may be reproduced even without pip, with something like:
$ curl -i https://pypi.org/simple/ --tlsv1
curl: (35) error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version
Because pip is unable to connect to PyPI, we can upgrade it manually:
In Firefox, open the Python Package Index official webpage and locate the pip project,
Choose "Download Files" there -- here is a direct link: https://pypi.org/project/pip/#files
Click on the recent pip package file in wheel format (.whl) to download,
Install in the venv/virtualenv you've been working on, for example:
$ source bin/activate
(venv) $ pip install --no-index ~/Downloads/pip-19.0.1-py2.py3-none-any.whl
(venv) $ pip --version
pip 19.0.1 from ...
But upgrading/installing the newer pip version is half the battle. For it to be able to connect to PyPI, we need to resolve the root cause: the InsecurePlatformWarning .. Caused by SSLError .. SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version'.
To fix it, you'll need to manually install (in the same way) additional packages besides pip. The detailed step-by-step guide here on Stackoverflow: Unable to install Python packages using pip in Ubuntu Linux: InsecurePlatformWarning, SSLError, tlsv1 alert protocol version

Trying to install package to my home directory results in error

I'm using Amazon Linux. I don't have sudo and want to install a package to my home direcotry. So I'm trying the below, but getting the error,
"No matching distribution found for awscii"
[myuser#mymachine ~]$ pip install --user awscii
DEPRECATION: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of pip will drop support for Python 2.6
Collecting awscii
/home/myuser/.local/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.
SNIMissingWarning
/home/myuser/.local/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Could not find a version that satisfies the requirement awscii (from versions: )
No matching distribution found for awscii
[myuser#mymachine ~]$
What is the proper way to install a python package to my home directory?
The default ec2-user has sudo privileges so you should be able to upgrade your python version
$ sudo yum update
I think this only should even upgrade you to python27.
If not if you want to install python 27
$ sudo yum install python27
If you want to install python 3
$ sudo yum install python34

Cannot upgrade PIP in virtual environment

I am trying to upgrade pip in a virtual environment. I am using the venvburrito wrapper, in an ubuntu 14.04 machine. When I try to update it I get the following error:
(virtual_env) ubuntu#ip-xxxxxxx:~$ pip install pip --upgrade
Collecting pip
Using cached pip-9.0.1-py2.py3-none-any.whl
Installing collected packages: pip
Found existing installation: pip 8.1.2
Not uninstalling pip at /home/ubuntu/.venvburrito/lib/python2.7/site-packages/pip-8.1.2-py2.7.egg, outside environment /home/ubuntu/.virtualenvs/virtual_env
Successfully installed pip-8.1.2
You are using pip version 8.1.2, however version 9.0.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
If I try it with sudo, inside the virtual environment, I get the following error:
(virtual_env) ubuntu#ip-xxxxxxx:~$ sudo pip install --upgrade pip
The directory '/home/ubuntu/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/home/ubuntu/.cache/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
/home/ubuntu/.local/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:318: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning.
SNIMissingWarning
/home/ubuntu/.local/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Requirement already up-to-date: pip in ./.local/lib/python2.7/site-packages
/home/ubuntu/.local/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:122: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. You can upgrade to a newer version of Python to solve this. For more information, see https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
When I do it outside the virtual environment, it installs correctly.
Any help will be much appreciated.
Thanks
Try this one, it worked for me.
(inside virtualenv):easy_install -U pip
or
(inside virtualenv):easy_install pip
sometimes this helps(I had similar issue pip not upgrading and 1st command worked for me):
python -m ensurepip
or
python -m ensurepip --upgrade
Try installing it as follows, within your virtualenv:
curl https://bootstrap.pypa.io/get-pip.py | python
Seen a lot of problems with pip that all seem to be fixed by running it as a python module instead of directly:
python -m pip install --upgrade pip

Why am I getting InsecurePlatformWarning on mac?

when I ran pip freeze I got the following warning:
/Library/Python/2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
When I follow the url to here, it seems to suggest could ignore it. Is that right? Is this something I need to address?
do as followed:
brew install openssl
ln -s /usr/local/Cellar/openssl/1.0.2c/include/openssl /usr/local/include/openssl
pip install --upgrade urllib3
pip install pyopenssl ndg-httpsclient pyasn1

Tweepy gives urllib 3 SSL warning

Python version: 2.6.6
/usr/lib/python2.6/site-packages/requests/packages/urllib3/util/ssl_.py:79: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Code:
api.update_status(status=myVar)
I imagine I need to downgrade something, just not sure what it is.
Tweepy was just installed to my Python 2.6.6 via pip.
I don't know what OS you're using, I'm using a Mac so hopefully this works for you.
If you are trying to update your pip to 6.1.1 you have to upgrade Python 2.7.9 because the certification is bundled together. You can see this in the README documentation for Python 2.7.9: "The bundled pip included with 2.7.9 has its own default certificate store for verifying download connections"
It also says that the 0.9.7 version of the OpenSSL library is out of date, so if you download a new version of python you have to make sure the version of OpenSSL it is linked to is up to date. Right now it should be the 10.5+ 32-bit variant and it is linked with a private copy of OpenSSL 1.0.1
After you've downloaded that try installing pip. I had permission issues so I had to use sudo to install using: sudo pip install --upgrade pip
If that doesn't work you can try upgrading your setup tools:
pip install --upgrade --no-use-wheel setuptools
or
pip install --upgrade setuptools
Then you will need to upgrade Python: pip install --upgrade python
If you need help with pip commands use: pip2.7 --help
After that you can double check to make sure the correct versions are installed using: pip --version and python --version.
I hope that helps!
I had this problem just then, but from the link given:
InsecurePlatformWarning
New in version 1.11.
Certain Python platforms (specifically, versions of Python earlier than 2.7.9) have restrictions in their ssl module that limit the configuration that urllib3 can apply. In particular, this can cause HTTPS requests that would succeed on more featureful platforms to fail, and can cause certain security features to be unavailable.
Updating from 2.7.6 to 2.7.9 fixed the warning.

Categories