PythonCall just works when I close the REPL after importing OpenSSL_jll, but I cannot make it work in the same session

General Usage
, , ,
1

Hi all,

I am trying to make the following workflow involving PythonCall to work in the same Julia session. I am experiencing some problems with PythonCall and SSL credentials, which thanks to @cjdoris I managed to make work by the following workflow which involved exit and enter again a new Julia session.

  1. In a new Julia session, I activate my envionment and then do
    using OpenSSL_jll
  2. I close the session and open a new REPL
  3. In a new session, I can simply now do
    using PythonCall; pyimport("ssl")

This workflow works, but if I just do the following in the same session

using OpenSSL_jll
using PythonCall; pyimport("ssl")

this returns instead the error

ERROR: Python: ImportError: dlopen(/Users/sapienza/.julia/dev/Sleipnir/.CondaPkg/env/lib/python3.12/lib-dynload/_ssl.cpython-312-darwin.so, 0x0002): Symbol not found: _X509_STORE_get1_objects
  Referenced from: <B1CE67CC-8161-3609-8F45-6B9EC2F14447> /Users/sapienza/.julia/dev/Sleipnir/.CondaPkg/env/lib/python3.12/lib-dynload/_ssl.cpython-312-darwin.so
  Expected in:     <4C4C44CB-5555-3144-A104-41A9AFACD8FB> /Users/sapienza/.julia/artifacts/e33c9389fd079973c7a7520d36779612df7ec447/lib/libcrypto.3.dylib
Python stacktrace:
 [1] <module>
   @ ~/.julia/dev/Sleipnir/.CondaPkg/env/lib/python3.12/ssl.py:100
Stacktrace:
 [1] pythrow()
   @ PythonCall.Core ~/.julia/packages/PythonCall/Nr75f/src/Core/err.jl:92
 [2] errcheck
   @ ~/.julia/packages/PythonCall/Nr75f/src/Core/err.jl:10 [inlined]
 [3] pyimport(m::String)
   @ PythonCall.Core ~/.julia/packages/PythonCall/Nr75f/src/Core/builtins.jl:1561
 [4] top-level scope
   @ REPL[4]:1

Now, this is currently a big issue for me since I am trying to make this work inside a Julia package, so I need a workflow that works to be included in the main script of my library (here).

Furthermore, this is not a persistent solution, since the next time I want to do pyimport("ssl") I also need to open a Julia session before to do the using OpenSSL_jll. Does anyone know what OpenSSL_jll is exactly doing by just importing it right before the pyimport?

I will highly appreciate if someone has some tip here that will help me progress on this problem!

Detains of the CondaPkg.toml used to generate the environment can be found here. The complete workflow can be easely reproduced from the GitHub repo.

(Sorry if this feel a bit repetitive from other post, but I imagined this is a more general Julia topic that can be helpful to others, so I imagined a standalone post will be better.)

1 Like
2

As of Python 3.13:

OpenSSL 1.1.1 is the minimum version and OpenSSL 3.0.9 is the recommended minimum version for the ssl and hashlib extension modules.

In Julia, and I think, per se, not contradictory (I see OpenSSL_jll build 3.0.15+1, and e.g. older OpenSSL_jll build 3.0.9+0 and OpenSSL_jll build 1.1.1+6):

OpenSSL_jll = “1.1, 3.0”

OpenSSL 3 is the current long-term support (LTS) version, anything older is no longer supported, so I doubt you want to use 1.1.1 even if you can.

I think you want to use Python 3.13, and I seem to remember something about there possibly being a conflict between OpenSSL [versions] in Python and Julia. Do you actually need OpenSSL_jll in Julia? Julia still uses MbedTLS, is that not good enough from the Julia side?

What is it exactly you need from the Python side, i.e. how do you load the package and confirm the version used?

Python 3.12.3 (main, Apr 21 2024, 17:40:47) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from OpenSSL import SSL
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ModuleNotFoundError: No module named 'OpenSSL'

I’ve been having trouble installing Python packages like this one, or knowing for sure which one[s] are recommended:

Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where possible. If you are using pyOpenSSL for anything other than making a TLS connection you should move to cryptography and drop your pyOpenSSL dependency.

Julia 1.12 will use OpenSSL 3, so best get used to it: