_openssl.so: cannot enable executable stack as shared object requires: Invalid argument

Please fill out the fields below so we can help you better.

I ran this command: certbot-auto

It produced this output:

Error: couldn’t get currently installed version for /home/***/.local/share/letsencrypt/bin/letsencrypt:
Traceback (most recent call last):
File “/home/***/.local/share/letsencrypt/bin/letsencrypt”, line 7, in
from certbot.main import main
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 9, in
from acme import jose
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/jose/init.py”, line 37, in
from acme.jose.interfaces import JSONDeSerializable
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/jose/interfaces.py”, line 9, in
from acme.jose import util
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/jose/util.py”, line 5, in
import OpenSSL
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/OpenSSL/init.py”, line 8, in
from OpenSSL import rand, crypto, SSL
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/OpenSSL/rand.py”, line 12, in
from OpenSSL._util import (
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/OpenSSL/_util.py”, line 6, in
from cryptography.hazmat.bindings.openssl.binding import Binding
File “/home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py”, line 13, in
from cryptography.hazmat.bindings._openssl import ffi, lib
ImportError: /home/***/.local/share/letsencrypt/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/_openssl.so: cannot enable executable stack as shared object requires: Invalid argument

My web server is (include version): apache (remote)

The operating system my web server runs on is (include version): don’t know. system where i run certbot is Windows 10 (with BASH):
Distributor ID: Ubuntu
Description: Ubuntu 14.04.5 LTS
Release: 14.04
Codename: trusty

OpenSSL 1.0.1f 6 Jan 2014
Python 2.7.6

I can login to a root shell on my machine (yes or no, or I don’t know): yes

Try to “rm -rf letsencrypt/” and run certbot-auto again - same error

Try to update by running this:
in cmd:
lxrun /uninstall
lxrun /install

in bash:
again rm -rf letsencrypt/
certbot-auto

Get same Error

try apt-get update and upgrade
again rm -rf
restart bash
Again same error, now:
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial

OpenSSL 1.0.2g 1 Mar 2016
Python 2.7.12

installing by “Unspecified Webserver on Ubuntu 16.04 (xenial)” against wget version works propertly.

Solved

Try updating the version of OpenSSL.

Oh wow, @luminescent, you really need to upgrade your openssl. That version is still vulnerable to the impressively dangerous Heartbleed bug discovered back in early 2014. This will allow remote attackers virtually undetectable access to all kinds of data, including private keys, passwords, etc.

Edit: Scrolling back I see 1.02g instead. This version’s fine - it looks like you upgraded between posts and I missed it. Leaving this here as a warning to anyone else running vulnerable OpenSSL versions.

You might have multiple copies of OpenSSL
find / -name openssl

I think he actually upgraded between posts:

It’s probably – hopefully – fine. Ubuntu 14.04 uses OpenSSL 1.0.1f with fully backported security patches (without changing the version number or release date).

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.