12-22-2015, 11:32 PM | #1 |
Enthusiast
Posts: 32
Karma: 10
Join Date: Aug 2014
Device: none
|
install errors on Centos-7.2 Linux
Downloading tarball signature securely...
Traceback (most recent call last): File "<string>", line 1, in <module> File "<string>", line 670, in main File "<string>", line 655, in run_installer File "<string>", line 627, in download_and_extract File "<string>", line 619, in get_tarball_info File "<string>", line 578, in get_https_resource_securely File "<string>", line 487, in __init__ File "/usr/lib64/python2.7/httplib.py", line 1182, in __init__ context.load_cert_chain(cert_file, key_file) ssl.SSLError: [SSL] PEM lib (_ssl.c:2757) is there a known solution? All advice welcome! thanks in advance. |
12-23-2015, 12:11 AM | #2 | |
Wizard
Posts: 2,082
Karma: 8796704
Join Date: Jun 2010
Device: Kobo Clara HD,Hisence Sero 7 Pro RIP, Nook STR, jetbook lite
|
Quote:
Code:
NSS no longer accepts DH key parameters < 768 nor RSA/DSA certificates with key sizes < 1024 bits, NSS also now enables TLS1.1/1.2 by default bernie |
|
Advert | |
|
12-23-2015, 12:28 AM | #3 | |
creator of calibre
Posts: 43,862
Karma: 22666666
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
|
Quote:
More likely that the ssl python module provided by the distro is broken. But yes, the easiest fix is to just download the tarball manually and install it, as is described on the download page. |
|
12-23-2015, 12:39 AM | #4 |
creator of calibre
Posts: 43,862
Karma: 22666666
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
|
And to prove what I said in the previous post:
https://www.ssllabs.com/ssltest/anal...ibre-ebook.com which confirms everything. I'd guess the problem is either 1) Broken ssl module 2) The private CA certificate is signed with SHA1 Last edited by kovidgoyal; 12-23-2015 at 01:06 AM. |
12-23-2015, 01:03 AM | #5 |
creator of calibre
Posts: 43,862
Karma: 22666666
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
|
This https://github.com/kovidgoyal/calibr...ed34c1be6df481
updates the CA certificate to use a SHA256 signature. So if you still experience the issue, the remaining possibility is a broken ssl module. |
Advert | |
|
12-23-2015, 11:13 AM | #6 |
Enthusiast
Posts: 32
Karma: 10
Join Date: Aug 2014
Device: none
|
install errors on Centos-7.2 Linux
Someone on the Centos users mailing list replied that he believes there has been an API change in Python 2.7, although he didn't give specifics.
If that's true, then it's not so much a python/packaging bug, but a "feature" that Calibre may need to accommodate. Sorry, I'd gladly provide details if I had 'em. I did the manual install and it did the job, so I'm all set for now. thanks, Kovid! |
12-23-2015, 11:38 AM | #7 |
creator of calibre
Posts: 43,862
Karma: 22666666
Join Date: Oct 2006
Location: Mumbai, India
Device: Various
|
The API change was in python 2.7.9 and calibre has supported it since before 2.7.9 was released, which was years ago.
|
12-23-2015, 12:20 PM | #8 |
Ex-Helpdesk Junkie
Posts: 19,422
Karma: 85397180
Join Date: Nov 2012
Location: The Beaten Path, USA, Roundworld, This Side of Infinity
Device: Kindle Touch fw5.3.7 (Wifi only)
|
calibre does of course support the actual python releases.
IIRC, there are also, workarounds for debian's "brilliant decision to partially backport patches" from 2.7.9 --> 2.7.8 Maybe this is more of the same? So the question would be, what stupid thing has CentOS done to the SSL module? ... See, this is why I love Arch Linux. They may sometimes play games, but they usually manage to avoid pratfalls like this. |
12-23-2015, 09:33 PM | #9 |
Enthusiast
Posts: 32
Karma: 10
Join Date: Aug 2014
Device: none
|
Looks like Centos-7 has Python 2.7.5. But given that it's a RedHat rebuild, and has all the same files/patches, Red Hat, in their wisdom, has probably backported the patch(es) involved here. In most cases when they do that it's not a usability issue, but this one is.
Sigh. At least it is installed and apparently working now. Might there be other circumstances where this issue causes trouble in Calibre usage, as time goes by?? Thanks! |
12-23-2015, 11:58 PM | #10 |
Ex-Helpdesk Junkie
Posts: 19,422
Karma: 85397180
Join Date: Nov 2012
Location: The Beaten Path, USA, Roundworld, This Side of Infinity
Device: Kindle Touch fw5.3.7 (Wifi only)
|
calibre includes its own unpatched bundled copy of python 2.7.9, it only relies on the system python for the one-line installer.
You can of course use "calibre-debug" instead of "python2" in the one-line install command. |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Calibre 2.0.0 install broken on CentOS 6.5 Linux | sprocketboy | Devices | 1 | 08-22-2014 03:00 AM |
New Install Generates Lots of Errors | LaneLester | Calibre | 14 | 03-07-2012 09:01 PM |
install failed with "ImportError: cannot import name QCoreApplication" on CentOS 5.6 | katsu | Calibre | 2 | 10-07-2011 11:53 PM |
A Problem [Python errors and failing to start in Linux] | Newby | Calibre | 21 | 01-27-2011 06:08 AM |
cannot install in on Linux | ichthyosaur | Calibre | 1 | 12-31-2009 05:20 PM |