notebook: Error when trying to use certificate: SSLError: [SSL] PEM lib (_ssl.c:2599)

Hello, following the docs I was trying to create a public IPy server.

However, after creating certificate with sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mycert.key -out mycert.pem and running jupyter notebook --certfile=mycert.pem

The notebook doesn’t start and I can’t find any information about how to fix it.

The error message is:

[E 14:08:49.825 NotebookApp] Exception in callback (<socket._socketobject object at 0x7f021f33e980>, <function null_wrapper at 0x7f021f2cdf50>)
    Traceback (most recent call last):
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/ioloop.py", line 866, in start
        handler_func(fd_obj, events)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/stack_context.py", line 275, in null_wrapper
        return fn(*args, **kwargs)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/netutil.py", line 265, in accept_handler
        callback(connection, address)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/tcpserver.py", line 239, in _handle_connection
        do_handshake_on_connect=False)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/netutil.py", line 501, in ssl_wrap_socket
        context = ssl_options_to_context(ssl_options)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/netutil.py", line 478, in ssl_options_to_context
        context.load_cert_chain(ssl_options['certfile'], ssl_options.get('keyfile', None))
    SSLError: [SSL] PEM lib (_ssl.c:2599)
[E 14:08:49.827 NotebookApp] Exception in callback (<socket._socketobject object at 0x7f021f33e980>, <function null_wrapper at 0x7f021f2cdf50>)
    Traceback (most recent call last):
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/ioloop.py", line 866, in start
        handler_func(fd_obj, events)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/stack_context.py", line 275, in null_wrapper
        return fn(*args, **kwargs)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/netutil.py", line 265, in accept_handler
        callback(connection, address)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/tcpserver.py", line 239, in _handle_connection
        do_handshake_on_connect=False)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/netutil.py", line 501, in ssl_wrap_socket
        context = ssl_options_to_context(ssl_options)
      File "/home/marcin/anaconda/lib/python2.7/site-packages/tornado/netutil.py", line 478, in ssl_options_to_context
        context.load_cert_chain(ssl_options['certfile'], ssl_options.get('keyfile', None))
    SSLError: [SSL] PEM lib (_ssl.c:2599)

Edit I’m running Jupyter 4.0.6, tornado 4.2.1 on Ubuntu 14.04 Thanks in advance.

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Reactions: 3
  • Comments: 39 (5 by maintainers)

Most upvoted comments

@cavaunpeu using https instead of http may solve it

+94
vinc30 on Oct 26, 2015

It worked for me after making a slight change in the openssl parameters. i am saving both the key and certificate in the same file, ‘mycert.pem’.

original: $sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mycert.key -out mycert.pem my version: $sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mycert.pem -out mycert.pem

+55
skadiran on Oct 24, 2015

Had this issue, fixed using https instead of http as suggested by @cavaunpeu

+13
djakubosky on Nov 4, 2015

Replace http:// with https://

+6
ghost on Jan 12, 2018

Encountered the same error. None of the provided solutions works…

+4
HenrikEckermann on Jan 26, 2019

For me, using https explicitly in the URL solved the problem.

+4
LukasDrude on Dec 23, 2015

Try the following, original, $sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mycert.key -out mycert.pem my version: $sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mycert.pem -out mycert.pem

+2
skadiran on Jan 4, 2018

SOLUTION 👍 adding “https” works for me, don’t ask why.

+1
omnishore1 on Dec 28, 2017

Fixed by #507. The openssl call and jupyter call had fallen out of sync, so there was a missing --keyfile mycert.key arg.

+1
minrk on Oct 28, 2015

Thanks all for sharing what is working in your environments. It helps others that may have similar environments.

To assist and better cover different deployment environments, we’ll be adding references to the OpenSSL documentation (https://www.openssl.org/ and https://www.openssl.org/docs/) as well as OpenSSL Cookbook (https://www.feistyduck.com/books/openssl-cookbook/) to the Jupyter documentation. These resources should assist folks find the certificate creation parameters that work best in their environment.

@ellisonbg @Carreau @minrk

+1
willingc on Oct 24, 2015
Read more comments on GitHub
← notebook: Error output when running tests
notebook: Error while launching a Jupyter notebook →