Dear Graham Thank you for the super fast response and the useful tips! We'll try to get it to work with mod_wsgi-express instead.
Am Dienstag, 31. März 2020 09:46:36 UTC+2 schrieb Graham Dumpleton: > > It is a known problem with Anaconda Python that you cannot use it embedded > in other applications, where the application embedding it links with SSL > and crypto libraries. In other words, you cannot use mod_ssl in Apache if > you are going to use Anaconda Python. > > This problem is caused by Anaconda Python, due to it bundling its own > versions of SSL and crypto libraries that are often incompatible with the > system versions of those libraries that Apache is linked against. When they > are incompatible you can get obscure errors of the processes can crash. > > Consider using mod_wsgi-express instead, and have the front end Apache > which handles SSL termination using mod_ssl, proxy to the mod_wsgi-express > instance. There isn't really any other solution, except for not using > Anaconda Python. > > Graham > > On 31 Mar 2020, at 6:40 pm, [email protected] <javascript:> wrote: > > Dear all, > > We have been struggling with our Apache with mod-wsgi for a while now and > we finally managed to break the problem down to a minimum. We try to run a > Dash application that uses datashader, but it kept on crashing. The > following minimal example works fine on our server. > > *myDashApp.py* > from flask import Flask > import dash > import dash_core_components as dcc > import dash_html_components as html > > server = Flask('app') > app = dash.Dash('app', server=server) > > colors = { > 'background': '#111111', > 'text': '#7FDBFF' > } > app.layout = html.Div(style={'backgroundColor': colors['background']}, > children=[ > html.H1( > children='Hello Dash', > style={ > 'textAlign': 'center', > 'color': colors['text'] > } > ), > html.Div(children='Dash: A web application framework for Python.', > style={ > 'textAlign': 'center', > 'color': colors['text'] > }), > dcc.Graph( > id='Graph1', > figure={ > 'data': [ > {'x': [1, 2, 3], 'y': [4, 1, 2], 'type': 'bar', 'name': > 'SF'}, > {'x': [1, 2, 3], 'y': [2, 4, 5], 'type': 'bar', 'name': u > 'Montréal'}, > ], > 'layout': { > 'plot_bgcolor': colors['background'], > 'paper_bgcolor': colors['background'], > 'font': { > 'color': colors['text'] > } > } > } > ) > ]) > > if __name__ == '__main__': > app.run_server() > (I copied that example from somewhere, but unfortunately forgot from where) > > *wsgi.py* > sys.path.insert(0, "/data/website/myApp") > > from myDashApp import server as application > > */etc/apache2/sites-enabled/default-ssl.conf* > <IfModule mod_ssl.c> > <VirtualHost _default_:443> > ServerName example.com > ServerAdmin [email protected] <javascript:> > > # Flask application > WSGIProcessGroup myApp > WSGIApplicationGroup %{GLOBAL} > > WSGIScriptAlias / /data/website/myApp/wsgi.py > WSGIDaemonProcess myApp > python-home=/usr/share/miniconda3/envs/my_env_36 \ > threads=1 \ > processes=4 \ > display-name=%{GROUP} \ > lang='en_US.UTF-8' \ > locale='en_US.UTF-8' \ > queue-timeout=45 \ > socket-timeout=60 \ > connect-timeout=15 \ > request-timeout=60 \ > inactivity-timeout=0 \ > startup-timeout=15 \ > deadlock-timeout=60 \ > graceful-timeout=15 \ > eviction-timeout=0 \ > restart-interval=0 \ > shutdown-timeout=5 \ > maximum-requests=0 > > <Directory "/data/website/myApp/> > AllowOverride all > AuthType Basic > AuthUserFile /data/passwords/passwords.pwd > AuthName "myDemoApp" > <RequireAll> > Require valid-user > </RequireAll> > </Directory> > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > SSLEngine on > > SSLCertificateFile /etc/apache2/cert/host_name.crt.pem > SSLCertificateKeyFile /etc/apache2/cert/host_name.key > > SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 > SSLHonorCipherOrder on > > SSLCipherSuite > > ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA > > Header always set Strict-Transport-Security > "max-age=15552000; includeSubDomains" > <FilesMatch "\.(cgi|shtml|phtml|php)$"> > SSLOptions +StdEnvVars > </FilesMatch> > <Directory /usr/lib/cgi-bin> > SSLOptions +StdEnvVars > </Directory> > > </VirtualHost> > </IfModule> > > Now, we can add the following lines to our myDashApp.py: > import ssl > foo = ssl.SSLContext() > > Once we do that, we get the following error in the apache error log: > [Tue Mar 31 06:25:02.092936 2020] [core:notice] [pid 28668] AH00094: > Command line: '/usr/sbin/apache2' > [Tue Mar 31 09:31:37.336007 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] mod_wsgi (pid=30411): Failed to exec Python script file > '/data/website/myApp/wsgi.py'. > [Tue Mar 31 09:31:37.336081 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] mod_wsgi (pid=30411): Exception occurred processing WSGI > script '/data/website/myApp/wsgi.py'. > [Tue Mar 31 09:31:37.337969 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] Traceback (most recent call last): > [Tue Mar 31 09:31:37.338011 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] File "/data/website/myApp/wsgi.py", line 5, in <module> > [Tue Mar 31 09:31:37.338016 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] from myDashApp import server as application > [Tue Mar 31 09:31:37.338024 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] File "/data/website/myApp/myDashApp.py", line 7, in > <module> > [Tue Mar 31 09:31:37.338028 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] bla = ssl.SSLContext() > [Tue Mar 31 09:31:37.338034 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] File > "/usr/share/miniconda3/envs/my_env_36/lib/python3.6/ssl.py", line 391, in > __new__ > [Tue Mar 31 09:31:37.338038 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] self = _SSLContext.__new__(cls, protocol) > [Tue Mar 31 09:31:37.338059 2020] [wsgi:error] [pid 30411] [remote 172.27. > 1.200:55576] ssl.SSLError: ('No cipher can be selected.',) > [Tue Mar 31 09:31:38.189212 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] mod_wsgi (pid=30409): Failed to exec Python script file > '/data/website/myApp/wsgi.py'. > [Tue Mar 31 09:31:38.189269 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] mod_wsgi (pid=30409): Exception occurred processing WSGI > script '/data/website/myApp/wsgi.py'. > [Tue Mar 31 09:31:38.189782 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] Traceback (most recent call last): > [Tue Mar 31 09:31:38.189810 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] File "/data/website/myApp/wsgi.py", line 5, in <module> > [Tue Mar 31 09:31:38.189813 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] from myDashApp import server as application > [Tue Mar 31 09:31:38.189818 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] File "/data/website/myApp/myDashApp.py", line 7, in > <module> > [Tue Mar 31 09:31:38.189821 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] bla = ssl.SSLContext() > [Tue Mar 31 09:31:38.189825 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] File > "/usr/share/miniconda3/envs/my_env_36/lib/python3.6/ssl.py", line 391, in > __new__ > [Tue Mar 31 09:31:38.189828 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] self = _SSLContext.__new__(cls, protocol) > [Tue Mar 31 09:31:38.189842 2020] [wsgi:error] [pid 30409] [remote 172.27. > 1.200:55575] ssl.SSLError: ('No cipher can be selected.',) > > Did anybody encounter a similar problem or does anybody have an idea on > how to fix that? > > Just for a bit of context, we don't want to use SSL in our application, > but somehow datashader uses it for something and our goal is to get > datashader > to work. > > Thanks, > Raphael > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/modwsgi/f3044394-eff1-4df3-8238-d9caeed3dcc0%40googlegroups.com > > <https://groups.google.com/d/msgid/modwsgi/f3044394-eff1-4df3-8238-d9caeed3dcc0%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/modwsgi/c1dfc305-fb57-4734-b55b-0ce6c9281f7c%40googlegroups.com.
