Naveen Naveen - 1 year ago 268
Python Question

"OpenSSL: EC_KEY_generate_key FAIL ... error:00000000:lib(0):func(0):reason(0)" on pyelliptic.ECC()

I'm getting the above error while using

(versions given below).

The python code which triggers it:

print("Salt: %s" % salt)
server_key = pyelliptic.ECC(curve="prime256v1") # ----->> Line2
print("Server_key: %s" % server_key) # ----->> Line3
server_key_id = base64.urlsafe_b64encode(server_key.get_pubkey()[1:])

"Salt: ..."
message is displayed okay, the error is in the


File "/usr/local/lib/python2.7/dist-packages/pyelliptic/", line 89, in __init__
self.privkey, self.pubkey_x, self.pubkey_y = self._generate()
File "/usr/local/lib/python2.7/dist-packages/pyelliptic/", line 231, in _generate
raise Exception("[OpenSSL] EC_KEY_generate_key FAIL ... " + OpenSSL.get_error())

The error(s) I get are (the 2nd one may or may not be relevant):

  1. Exception('[OpenSSL] EC_KEY_generate_key FAIL ... error:00000000:lib(0):func(0):reason(0)',)

    (Ref. File Link: )

  2. extern "Python": function Cryptography_rand_bytes() called, but @ffi.def_extern() was not called in the current subinterpreter. Returning 0.

Requirements.txt (partial):

pyOpenSSL==16.1.0 says that
has some issues with old versions (Not sure if this is applicable here).

Other Details:

Python Version: 2.7.

Getting this error only on Google Compute Engine VM Instance.

Working Fine on Local Development Server.
Working Fine from python shell too Google Compute Engine VM.

(The question is a follow-up of 'EntryPoint' object has no attribute 'resolve' when using Google Compute Engine, the discussion there might be of use)

Answer Source

Just added the following:WSGIApplicationGroup %{GLOBAL}

in /etc/apache2/sites-available/default-ssl.conf file and all these errors got resolved.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download