I have a Python script running Aspose.Words, when I call aspose.words.License.set_license I get the following error: No usable version of libssl was found
I use libssl in many of my other Python scripts and everything works fine, only the Aspose.Words module is having an issue.
I have the following versions of things installed:
- openssl version = OpenSSL 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)
- python3 -c “import ssl; print(ssl.OPENSSL_VERSION)” = OpenSSL 3.0.13 30 Jan 2024
- python -V = Python 3.12.3
- aspose-words module version = 24.10.0
- Ubuntu version = Ubuntu 24.04.1 LTS
My code:
import aspose.words as aw
aspose_license = aw.License()
def set_aspose_license():
try:
print("Setting Aspose License")
aspose_license.set_license("Aspose.Words.Product.Family.lic")
print("License set successfully.")
except RuntimeError as err:
print("\nThere was an error setting the license: {0}".format(err))
if __name__ == '__main__':
print("Starting Program")
set_aspose_license()
Print output:
Starting Program
Setting Aspose License
No usable version of libssl was found
The file “Aspose.Words.Product.Family.lic” exists in the same directory as main.py, if I change the file name to “Aspose.Words.Product.Family” I get the following error: There was an error setting the license: Proxy error(FileNotFoundException): Cannot find license ‘Aspose.Words.Product.Family’ which proves that the correctly named file is accessible.
One thing to note, when I change the name of the license file I don’t get a libssl error.
Two questions:
- Why do I need libssl to set the Aspose license?
- If libssl works for every other Python script I have (20+), what makes Aspose different?
Thank you,
Alain
@AlainGyger Aspose.Words for Python via Net use netcore3.1 which doesn’t support libssl3.0.
As a workaround, you can install libssl1.1:
wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.0g-2ubuntu4_amd64.deb
&& sudo dpkg -i libssl1.1_1.1.0g-2ubuntu4_amd64.deb
We have opened the following new ticket(s) in our internal issue tracking system and will deliver their fixes according to the terms mentioned in Free Support Policies.
Issue ID(s): WORDSPYTHON-5
You can obtain Paid Support Services if you need support on a priority basis, along with the direct access to our Paid Support management team.
@alexey.noskov Thank you for your response. Unfortunately my company’s security policy is preventing me from installing libssl1.1.1.0g (it says it’s outdated and contains exploited vulnerabilities).
When will Aspose.Words for Python support a newer version of netcore that can use libssl3?
Or is there a workaround I can use to get Aspose.Words working?
Also, how quickly will this ticket be addressed?
Thanks,
Alain
@AlainGyger I am afraid there is no other workaround of this issue than the one suggested above.
There are no estimates regarding this issue yet. But we will keep you updated and let you know once it is resolved.
@alexey.noskov
That’s unacceptable.
I paid $839.50 for a license for Aspose.Words that I’m unable to use because it depends on a library that the library’s author says should not be used (i.e. “All older versions (including 1.1.1, 1.1.0, 1.0.2, 1.0.0 and 0.9.8) are now out of support and should not be used.” - Downloads | Library).
I’ve done some searching on this forum and on StackExchange and see that many other people are having this same issue. They’re all being told to install a vulnerable version of libssl as the “solution”, which seems like a recipe for disaster.
Unfortunately Aspose.Words is the only software that I’ve been able to find that does what I need.
OpenSSL charges $25,000 annually to get security updates back ported into libssl1 … how much would it cost for Aspose to expedite this bug fix?
For other people who are getting this error, I have a temporary solution (until this issue is fixed) to run a Python script that uses Aspose and needs the outdated version of libssl … you can download the old openssl source code, compile it, and force your system to use that version each time you run your script.
BIG WARNING: This will cause Python to use an old, unsupported, and vulnerable version of libssl, so it’s not safe to use in production (IMHO), but it’s better than installing an old version of libssl system-wide.
The steps I took to make this work:
Make sure you have all the programs needed to get and compile software
sudo apt install build-essential wget
Make a directory called “oldlibssl” in your home folder
mkdir $HOME/oldlibssl
Move to that directory
cd $HOME/oldlibssl
Download the latest old version of libssl (as of October 2024)
wget https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-1.1.1w.tar.gz
Extract its contents
tar -zxvf openssl-1.1.1w.tar.gz
Move to that directory
cd openssl-1.1.1w/
Run the initial config
./config
Make the files
make
Test the files you just made
make test
Make a directory called “lib”
mkdir $HOME/oldlibssl/lib
Move libcrypto into that directory
mv $HOME/oldlibssl/openssl-1.1.1w/libcrypto.so.1.1 $HOME/oldlibssl/lib/
Move libssl into that directory
mv $HOME/oldlibssl/openssl-1.1.1w/libssl.so.1.1 $HOME/oldlibssl/lib/
Use LD_PRELOAD (From the man page - “A list of additional, user-specified, ELF shared objects to be loaded before all others. This feature can be used to selectively override functions in other shared objects.”) to force python to use the old version of libssl, both libssl and libcrypto must be specified.
This library interception only affects the command following it, it’s not permanent and must be specified each time this script is run.
LD_PRELOAD=$HOME/oldlibssl/lib/libssl.so.1.1:$HOME/oldlibssl/lib/libcrypto.so.1.1 python main.py
@AlainGyger Thank you for sharing your workaround. We will keep you updated and let you know once the problem is resolved.