Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SWAT dependencies on OpenSSL libraries #148

Closed
githje opened this issue Jan 5, 2023 · 2 comments
Closed

SWAT dependencies on OpenSSL libraries #148

githje opened this issue Jan 5, 2023 · 2 comments

Comments

@githje
Copy link

githje commented Jan 5, 2023

Hi,

it seems that SWAT (tested with release 1.12, both Python and R-SWAT) requires older versions of libcrypto.so and libssl.so which might no longer be shipped with recent Linux distros (my environment is a Ubuntu 22.04 LTS). This is probably the same issue as discussed here: #106. Trying to initialize SWAT returns this error message in the notebook:

RuntimeError: Booting the TK subsystem failed: TKECERT: Extension load failure.

And:

ERROR: Could not load opensslcert extension. OpenSSL libraries are not found or the wrong version.

(found in the container log of the Jupyter notebook app). I was able to work around this issue by providing the required older library versions like this:

# extract *.so files from old openssl package
wget https://archlinux.org/packages/core/x86_64/openssl-1.1/download/ -O openssl-1.1-1.1.1.s-4-x86_64.pkg.tar.zst
tar --use-compress-program=unzstd -xvf openssl-1.1-1.1.1.s-4-x86_64.pkg.tar.zst
cp usr/lib/libcrypto.so.1.1 /usr/lib/x86_64-linux-gnu/
cp usr/lib/libssl.so.1.1 /usr/lib/x86_64-linux-gnu/

# set environment variables pointing to .so files in Jupyter config.
echo "os.environ[\"TKECERT_CRYPTO_LIB\"] = '/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1'" >> /etc/jupyter/jupyter_notebook_config.py
echo "os.environ[\"TKESSL_OPENSSL_LIB\"] = '/usr/lib/x86_64-linux-gnu/libssl.so.1.1'" >> /etc/jupyter/jupyter_notebook_config.py
@githje
Copy link
Author

githje commented Jan 5, 2023

I'll close the track right away, as I only wanted to document the workaround in case others stumble across the same problem.

@githje githje closed this as completed Jan 5, 2023
@gygabyte017
Copy link

gygabyte017 commented Jun 16, 2023
edited
Loading

Hi, same happening to me now in k8s environment.

Using your idea, adding this to Dockerfile works:

# Force using old openssl package due to swat compatibility
RUN apt-get update && apt-get install -y zstd && rm -rf /var/lib/apt/lists/*
RUN wget https://archlinux.org/packages/core/x86_64/openssl-1.1/download/ -O openssl-1.1-1.1.1.s-4-x86_64.pkg.tar.zst
RUN tar --use-compress-program=unzstd -xvf openssl-1.1-1.1.1.s-4-x86_64.pkg.tar.zst
RUN cp usr/lib/libcrypto.so.1.1 /usr/lib/x86_64-linux-gnu/
RUN cp usr/lib/libssl.so.1.1 /usr/lib/x86_64-linux-gnu/

ENV TKECERT_CRYPTO_LIB=/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
ENV TKESSL_OPENSSL_LIB=/usr/lib/x86_64-linux-gnu/libssl.so.1.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gygabyte017 @githje