- Newest
- Most votes
- Most comments
It appears that you have Miniconda installed on your system, and OpenSSL is available within the Miniconda environment. In this case, you need to ensure that the Miniconda environment is activated before running the AWS CDK, so that the openssl command within the Miniconda environment is accessible.
conda info --envs
conda activate <your-environment>
Hello.
The error message you're encountering indicates that the openssl command is not found in your system's PATH when you're trying to run the AWS CDK (Cloud Development Kit). OpenSSL is a cryptographic tool commonly used for generating certificates and other security-related operations. If OpenSSL is not already installed on your system, you can install it based on your operating system: For Ubuntu/Debian:
sudo apt-get install openssl
For CentOS/RHEL:
sudo yum install openssl
For macOS (using Homebrew):
brew install openssl
For Windows: You can download OpenSSL for Windows from the official website: https://slproweb.com/products/Win32OpenSSL.html. Make sure to add the installation directory to your PATH during the installation process.
Best regards, Andrii
Yes, Andril and I came to same conclusion: machine executing CDK does not have openssl installed. See my own answer.
Hi,
from what I can understand in your error log, the issue doesn't happen in the docker image (where openssl is installed) but on the machine where you run the cdk deploy.
So, can you confirm that this machine (or container image if you run in CodePipeline) running CDK has openssl installed ?
For example, execute 'which' command from your CDK typescript like this: https://stackabuse.com/executing-shell-commands-with-node-js/
Best,
Didier
I put this snippet
exec("which openssl", (error, stdout, stderr) => { if (error) { console.log(`error: ${error.message}`); return; } if (stderr) { console.log(`stderr: ${stderr}`); return; } console.log(`stdout: ${stdout}`); });
and then ran
cdk synth
and I get this on windowsstdout: /cygdrive/c/tools/miniconda3/Library/bin/openssl
and this in docker
stdout: /usr/bin/openssl
I think that the error
openssl: command not found
doesn't come from my machine but from some aws lambda coming from the library. I'm running things locally, not on CodePipeline or anything like that. I just runcdk deploy
inside a docker container, but I observe the exact same results even when trying outside docker. I even cloned the repo https://github.com/aws/aws-cdk and tried to inspect it a bit to figure out whereopenssl
is being called exactly and whether it uses the right environment variables (such asPATH
) but I couldn't find anything there. I'm not an expert but I think the openssl call doesn't happen on my machine.
Relevant content
- asked a year ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 19 days ago
I did
and then
I have openssl installed in 3 different places.
Even without miniconda it's still accessible. Plus this only applies to windows. Inside docker openssl is always available.
Ok, I cloned aws-rfdk repo and debugged it. I found this code
in
./packages/aws-rfdk/lib/lambdas/nodejs/lib/x509-certs/certificate.ts
. And this is in fact running in a lambda function. So this is a bug in the library. It's not my machine. I tried with older version of aws-rdfk but I get the same bug. The question now is why do I get this bug and others don't? Is there something wrong with my code? I think the source of the problem might be in.\packages\aws-rfdk\lib\lambdas\lambdaLayerVersionArns.ts
. I'm running oneu-west-1
so maybe somebody could connect toarn:aws:lambda:eu-west-1:224375009292:layer:openssl-al2:2
and make sure it has openssl