I just encountered this on my Ubuntu 16.04 host. There appears to be a version conflict between the apt repo packages for python-openssl and python-crypotgraphy, vs what someone installed manually with pip into /usr/local/python2.7/dist-packages.

Once it got into this state, the system standard pip couldn't execute, either. I got around the chicken-and-egg problem by manually setting a PYTHONPATH environment variable that excluded the /usr/local part of the tree thusly:

    $ export PYTHONPATH="/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload:/usr/lib/python2.7/dist-packages:/usr/lib/python2.7/dist-packages/gtk-2.0"
    $ /usr/bin/pip uninstall cryptography
    $ unset PYTHONPATH

I acquired the above list of library directories to use with the python shell:

    import sys
    for p in sys.path:
       print(p)

and then copying everything listed except the one /usr/local directory. Your system may have a different list in its path. Adjust accordingly.

I also had some manual apt-get install --reinstall python-openssl python-cryptography commands scattered in my bash history, which may or may not have been necessary.

I experienced the same issue recently and after few hours investigation, I found out that it was caused by New cryptography 2.0 upgrade. This upgrade will break many packages using pyopenssl (like Sentry, Google Analytics and etc). Just downgrade it to 1.9 will solve the problem.

Be cautious if you are using "pip install -U", it will automatically upgrade packages that are not listed in requirements.txt.

In my case, the problem was that the package was installed in root directories, and I was executing the script which asked for pyopenssl with my Linux user forvas. And that user can't use the libraries installed in root.

So first I had to remove the package with aptitude or apt-get.

sudo aptitude purge python-openssl

Therefore, I had to install the package again, but taking into account the user who is executing the script which is asking for the library. Take a look to where the library is installed depending on the Linux user and the argument --user of pip.

Case 1

forvas@server:$ pip install pyopenssl

Could not install packages due to an EnvironmentError:

[Errno 13] Permission denied: '/usr/local/lib/python2.7/dist-packages/OpenSSL'

Consider using the --user option or check the permissions.

Case 2

forvas@server:$ sudo pip install pyopenssl

/usr/local/lib/python2.7/dist-packages/OpenSSL/*

/usr/local/lib/python2.7/dist-packages/pyOpenSSL-17.5.0.dist-info/*

Case 3

forvas@server:$ sudo pip install --user pyopenssl

/home/forvas/.local/lib/python2.7/site-packages/OpenSSL/*

/home/forvas/.local/lib/python2.7/site-packages/pyOpenSSL-17.5.0.dist-info/*

Case 4

root@server:$ pip install pyopenssl

/usr/local/lib/python2.7/dist-packages/OpenSSL/*

/usr/local/lib/python2.7/dist-packages/pyOpenSSL-17.5.0.dist-info/*

Case 5

root@server:$ pip install --user pyopenssl

/root/.local/lib/python2.7/site-packages/OpenSSL/*

/root/.local/lib/python2.7/site-packages/pyOpenSSL-17.5.0.dist-info/*

Conclusion

My problem was that the library was installed in the directories of the case 5.

Solution

• Uninstalling the package.

• As I'm executing the script with Linux user forvas, I was able to reinstall the package rightly with the options 2 or 4 (in which the library is available for all Linux users) or more accurate, the option 3 (in which library is only available for Linux user forvas).

My solution was a lot more simplistic after these other solutions not working for me. Anything I tried to install/uninstall via pip returned the same error and stacktrace.

I ended up trying to update pip via pip3 and it worked flawlessly:

pip3 install --upgrade pip

I went back to using pip and everything worked correctly. I did notice that it was referencing Python 3.6 when running the pip commands though.

# pip install pyopenssl`enter code here`
Requirement already satisfied: pyopenssl in /usr/lib64/python3.6/site-packages (18.0.0)

<snipped>

Requirement already satisfied: pycparser in /usr/lib64/python3.6/site-packages (from cffi!=1.11.3,>=1.7->cryptography>=2.2.1->pyopenssl) (2.19)

export PYTHONPATH="/usr/lib/python2.7:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload:/usr/lib/python2.7/dist-packages:/usr/lib/python2.7/dist-packages/gtk-2.0" apt-get install --reinstall python-openssl

I was seeing similar python stack dump on the console of my Ubuntu 16.04 VM when I tried ssh into the VM.

    SSL_ST_INIT = _lib.SSL_ST_INIT
AttributeError: 'module' object has no attribute 'SSL_ST_INIT'

Pip reported that pyopenssl was not installed.

I had to do this instead:

$ apt install --reinstall python-openssl