我正在尝试连接到Stripe来设置付款。我在我的开发机器上运行它,但是当我推到生产时,我得到以下SSL错误:
- 无法连接到HTTPS URL,因为SSL模块不可用。**
以下是我的设置的详细信息:
- Ubuntu 16.04
- Apache2
- mod_wsgi
- Python 3.6语言
- Django 1.11
- Python/Django进程都安装并运行在一个名为"ProtectYourReviews"的Anaconda(Miniconda)虚拟环境中
我读过很多其他的SO回答,他们建议重新安装python,但是要确保先安装依赖项。当安装inside和anaconda环境时,这应该不是一个问题吧?anaconda不应该为我处理所有的依赖项吗?
我已经启用了HTTPS,并且可以在整个域运行(所有请求都被路由到https)。当我检查安装时,我确实有openssl,当我在django环境中打开shell时,我可以导入和使用模块,没有问题...所以我不知道如何继续解决这个问题。
任何帮助都是非常感谢!
- 此外,这里有一个堆栈跟踪:*
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in urlopen
589. conn = self._get_conn(timeout=pool_timeout)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in _get_conn
251. return conn or self._new_conn()
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in _new_conn
827. raise SSLError("Can't connect to HTTPS URL because the SSL "
During handling of the above exception (Can't connect to HTTPS URL because the SSL module is not available.), another exception occurred:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/adapters.py" in send
440. timeout=timeout
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/connectionpool.py" in urlopen
639. _stacktrace=sys.exc_info()[2])
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/urllib3/util/retry.py" in increment
388. raise MaxRetryError(_pool, url, error or ResponseError(cause))
During handling of the above exception (HTTPSConnectionPool(host='api.stripe.com', port=443): Max retries exceeded with url: /v1/customers (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.",))), another exception occurred:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/http_client.py" in request
121. **kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/sessions.py" in request
508. resp = self.send(prep, **send_kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/sessions.py" in send
618. r = adapter.send(request, **kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/requests/adapters.py" in send
506. raise SSLError(e, request=request)
During handling of the above exception (HTTPSConnectionPool(host='api.stripe.com', port=443): Max retries exceeded with url: /v1/customers (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.",))), another exception occurred:
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/core/handlers/exception.py" in inner
41. response = get_response(request)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/core/handlers/base.py" in _get_response
187. response = self.process_exception_by_middleware(e, request)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/core/handlers/base.py" in _get_response
185. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/views/decorators/csrf.py" in wrapped_view
58. return view_func(*args, **kwargs)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/django/contrib/auth/decorators.py" in _wrapped_view
23. return view_func(request, *args, **kwargs)
File "/home/user/protectyourreviews/protectyourreviews/../payments/views.py" in stripe_test
35. source=token
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/resource.py" in create
467. response, api_key = requestor.request('post', url, params, headers)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/api_requestor.py" in request
150. method.lower(), url, params, headers)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/api_requestor.py" in request_raw
335. method, abs_url, headers, post_data)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/http_client.py" in request
139. self._handle_request_error(e)
File "/home/user/miniconda3/envs/protectyourreviews/lib/python3.6/site-packages/stripe/http_client.py" in _handle_request_error
159. raise error.APIConnectionError(msg)
Exception Type: APIConnectionError at /payments/test/stripe/
Exception Value: Unexpected error communicating with Stripe. If this problem persists,
let us know at support@stripe.com.
(Network error: SSLError: HTTPSConnectionPool(host='api.stripe.com', port=443): Max retries exceeded with url: /v1/customers (Caused by SSLError("Can't connect to HTTPS URL because the SSL module is not available.",)))- 编辑**
在一个新的python virtualenv中重新安装mod_wsgi后,它仍然试图打开旧的anaconda路径。我已经在WSGIDaemonProcess中更改了python-home和python-path指令,但无论我如何尝试,它仍然试图从miniconda3目录(我已经删除了该目录)打开python。
以下是Apache错误日志中的跟踪:
Current thread 0x00007f99f6769780 (most recent call first):
[Mon Aug 28 20:13:15.264466 2017] [core:notice] [pid 26528] AH00051: child pid 26775 exit signal Aborted (6), possible coredump in /etc/apache2
[Mon Aug 28 20:13:15.264608 2017] [core:notice] [pid 26528] AH00051: child pid 26776 exit signal Aborted (6), possible coredump in /etc/apache2
[Mon Aug 28 20:13:16.340556 2017] [wsgi:info] [pid 26789] mod_wsgi (pid=26789): Python home /home/user/miniconda3/envs/protectyourreviews.
[Mon Aug 28 20:13:16.341203 2017] [wsgi:warn] [pid 26789] (2)No such file or directory: mod_wsgi (pid=26789): Unable to stat Python home /home/user/miniconda3/envs/protectyourreviews. Python interpreter may not be a$
[Mon Aug 28 20:13:16.341357 2017] [wsgi:info] [pid 26789] mod_wsgi (pid=26789): Initializing Python.
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ImportError: No module named 'encodings'- 编辑2**
是的,我确实从一个干净的源目录开始。我把mod_wsgi tar文件复制到新目录,并在新目录中运行configure/make/make install。我相信我在新安装之前也删除了apache模块文件,以防万一。
我尝试了多次迭代下面的指令(both/only python-home/only python-path),但是无论我怎么尝试,我都弄不明白为什么mod_wsgi一直在查找已删除的miniconda3文件夹。
下面是我的wsgi.load:
LoadModule wsgi_module /usr/lib/apache2/modules/mod_wsgi.so下面是我的Apache2指令(其中pyr_env是我的新Python virtualenv文件夹):
WSGIDaemonProcess protectyourreviews python-home=/home/user/pyr_env/ python-path=/home/user/protectyourreviews
WSGIProcessGroup protectyourreviews
WSGIScriptAlias / /home/user/protectyourreviews/zz_test/test.wsgi
<Directory /home/user/protectyourreviews/zz_test>
<Files test.wsgi>
Require all granted
</Files>
</Directory>- 编辑3**
我按照您在文档中建议的说明操作,输出如下。
下面是ldd的输出:
$ ldd /usr/lib/apache2/modules/mod_wsgi.so
linux-vdso.so.1 => (0x00007fffad973000)
libpython3.5m.so.1.0 => /usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 (0x00007f05b8c02000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f05b89e5000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f05b861a000)
libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f05b83f1000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f05b81d7000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f05b7fd2000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f05b7dcf000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f05b7ac6000)
/lib64/ld-linux-x86-64.so.2 (0x0000558bed982000)下面是取消设置LD_LIBRARY_PATH后的输出:
$ unset LD_LIBRARY_PATH
$ ldd /usr/lib/apache2/modules/mod_wsgi.so
linux-vdso.so.1 => (0x00007ffd91bd2000)
libpython3.5m.so.1.0 => /usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 (0x00007f8bec8a6000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f8bec689000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8bec2be000)
libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f8bec095000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f8bebe7b000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f8bebc76000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f8beba73000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f8beb76a000)
/lib64/ld-linux-x86-64.so.2 (0x000055e8861a5000)编辑4
我确保虚拟环境文件夹的权限设置正确,并再次重新编译以确保我拥有正确的版本。以下是该过程的所有输入和输出:
#----CHANGE PERMISSIONS OF VIRTUAL ENVIRONMENT
$ sudo chgrp -R www-data /home/user/pyr_env/
$ sudo chmod -R g+rwx /home/user/pyr_env/
#----DELETE OLD FOLDER
$ rm -r mod_wsgi-4.5.17/
#----START FRESH WITH CONFIG/MAKE/INSTALL
$ tar xvfz 4.5.17.tar.gz
$ cd mod_wsgi-4.5.17/
$ ./configure --with-python=/usr/bin/python3
$ make
$ sudo make install
/usr/bin/apxs2 -i -S LIBEXECDIR=/usr/lib/apache2/modules -n 'mod_wsgi' src/server/mod_wsgi.la
/usr/share/apache2/build/instdso.sh SH_LIBTOOL='/usr/share/apr-1.0/build/libtool' src/server/mod_wsgi.la /usr/lib/apache2/modules
/usr/share/apr-1.0/build/libtool --mode=install install src/server/mod_wsgi.la /usr/lib/apache2/modules/
libtool: install: install src/server/.libs/mod_wsgi.so /usr/lib/apache2/modules/mod_wsgi.so
libtool: install: install src/server/.libs/mod_wsgi.lai /usr/lib/apache2/modules/mod_wsgi.la
libtool: finish: PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/sbin" ldconfig -n /usr/lib/apache2/modules
----------------------------------------------------------------------
Libraries have been installed in:
/usr/lib/apache2/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 644 /usr/lib/apache2/modules/mod_wsgi.so
#----OUTPUT OF LDD
$ ldd /usr/lib/apache2/modules/mod_wsgi.so
linux-vdso.so.1 => (0x00007ffcfb9a9000)
libpython3.5m.so.1.0 => /usr/lib/x86_64-linux-gnu/libpython3.5m.so.1.0 (0x00007f19ae26f000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f19ae052000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f19adc87000)
libexpat.so.1 => /lib/x86_64-linux-gnu/libexpat.so.1 (0x00007f19ada5e000)
libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f19ad844000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f19ad63f000)
libutil.so.1 => /lib/x86_64-linux-gnu/libutil.so.1 (0x00007f19ad43c000)
libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f19ad133000)
/lib64/ld-linux-x86-64.so.2 (0x000055aa1cb7a000)
#----RESTART APACHE
$ sudo apache2ctl restart不幸的是,我在Apache中看到了完全相同的错误。下面是 * apache2/error.log *:
Current thread 0x00007fb350fee780 (most recent call first):
[Wed Aug 30 14:13:08.130076 2017] [core:notice] [pid 9754] AH00051: child pid 28636 exit signal Aborted (6), possible coredump in /etc/apache2
[Wed Aug 30 14:13:08.130179 2017] [core:error] [pid 9754] AH00546: no record of generation 0 of exiting child 28636
[Wed Aug 30 14:13:08.130833 2017] [wsgi:info] [pid 28639] mod_wsgi (pid=28639): Python home /home/user/miniconda3/envs/protectyourreviews.
[Wed Aug 30 14:13:08.130907 2017] [wsgi:warn] [pid 28639] (2)No such file or directory: mod_wsgi (pid=28639): Unable to stat Python home /home/user/minico$
[Wed Aug 30 14:13:08.130992 2017] [wsgi:info] [pid 28639] mod_wsgi (pid=28639): Initializing Python.
[Wed Aug 30 14:13:08.131665 2017] [wsgi:info] [pid 28638] mod_wsgi (pid=28638): Python home /home/user/miniconda3/envs/protectyourreviews.
[Wed Aug 30 14:13:08.131716 2017] [wsgi:warn] [pid 28638] (2)No such file or directory: mod_wsgi (pid=28638): Unable to stat Python home /home/user/minico$
[Wed Aug 30 14:13:08.131782 2017] [wsgi:info] [pid 28638] mod_wsgi (pid=28638): Initializing Python.
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ImportError: No module named 'encodings'它仍在尝试打开已删除的 * miniconda * 文件夹...
1条答案
按热度按时间trnvg8h31#
问题是Anaconda Python自带SSL库,编译Python ssl模块时不使用系统SSL库,Apache中的mod_ssl模块使用系统库。
因此,如果你在Apache中启用mod_ssl,它会拉入系统SSL库。当Python ssl模块被你的应用程序导入时,它会继承已经加载的系统SSL库,这与ssl模块被编译的目的和预期不同,因此它会失败。
所以这个问题是由Anaconda Python忽略系统SSL库而使用自己的库引起的。
唯一的解决方案是使用系统Python版本而不是Anaconda Python,或者在主Apache安装后使用mod_wsgi-express运行WSGI应用程序,主Apache安装只充当SSL的终止点,然后代理mod_wsgi-express示例。
除非您有特定的要求,否则最好使用系统Python版本,而不是Anaconda Python。