Resolving AttributeError: module 'lib' has no attribute 'OpenSSL_add_all_algorithms'

Problem Statement

When attempting to run pip operations (like pip install --upgrade pip or installing Python packages), you may encounter this critical error:

AttributeError: module 'lib' has no attribute 'OpenSSL_add_all_algorithms'

This error typically occurs in the following context:

• Appears during import of OpenSSL modules in Python
• Prevents all pip operations from completing successfully
• Frequently affects environments with outdated/corrupted OpenSSL-related packages
• Common on Python 3.8 environments
• Occurs on Linux distributions like Ubuntu, especially in WSL setups

The core issue is an incompatibility between the cryptography and pyOpenSSL Python packages, often triggered by:

• Breaking changes introduced in cryptography v39.0.0
• Version mismatches between cryptography library and OpenSSL bindings
• Corrupted installations of crypto-related dependencies

Without fixing this, Python's package management system becomes unusable for pip-based operations.

Recommended Solutions

Solution 1: Downgrade cryptography Package (Quick Fix)

The most reliable solution downgrades to a compatible cryptography version:

# For pip installations:
pip install cryptography==38.0.4

# For pip3 installations:
pip3 install cryptography==38.0.4

Explanation
Version cryptography==38.0.4 maintains compatibility with older OpenSSL bindings that still support the deprecated OpenSSL_add_all_algorithms method. This is backwards-compatible and stable.

Solution 2: Update OpenSSL Packages

If environment supports newest versions, upgrade all cryptography components:

pip install -U pyopenssl cryptography

Explanation

• Upgrades to newer versions that remove the obsolete function call
• Requires OpenSSL 1.1.1 or newer in your system
• Preferred long-term fix if your environment supports it

Solution 3: Reinstall pyOpenSSL

For scenarios with library corruption:

pip uninstall pyOpenSSL
pip install pyOpenSSL

Explanation

• Fixes potentially corrupted OpenSSL bindings
• Ensures clean installation of current compatibility shims
• Use when downgrading/upgrading doesn't resolve the issue

<warning> **WARNING: Solution 4 is exclusive to Ubuntu WSL environments.** Attempting this on systems with GUI desktop environments may cause system instability. </warning>

Solution 4: Complete Reinstall (Ubuntu WSL Only)

For severe environment corruption in Ubuntu WSL:

# Purge all affected packages
sudo apt purge python3 python3-pip python3-openssl

# Remove local user installs
rm -rf ~/.local/lib/python3*

# Reinstall core components
sudo apt install libssl-dev libffi-dev python3 python3-pip python3-openssl

Explanation

• Completely resets the Python environment
• Addresses conflicts between system packages and local installs
• Requires internet access to re-download packages

Explanation of the Root Cause

This error occurs due to two interconnected issues:

1. Breaking changes in cryptography>=39.0.0
   Newer versions removed deprecated OpenSSL algorithms that some applications still reference. When cryptography or pyOpenSSL try to reference the obsolete OpenSSL_add_all_algorithms function, the import fails.

2. Version conflicts with OpenSSL bindings
   Older systems with openssl<1.1.1 lack updates that deprecate these algorithms. Newer Python packages may attempt to access non-existent methods in older OpenSSL installations.

The traceback typically originates from OpenSSL imports (import OpenSSL.crypto) during Python's import chain, which gets triggered when pip loads security-related modules like urllib3.contrib.pyopenssl.

Preventive Measures

To avoid recurrence:

# Regularly update your cryptographic packages
pip install -U pyopenssl cryptography

# Check for compatibility issues
pip check

• Monitor release notes when upgrading cryptography beyond v40
• Avoid mixing system-packaged (apt) and pip-installed OpenSSL modules
• Use virtual environments to isolate dependencies
• For long-term stability, keep distro packages updated

  sudo apt update && sudo apt upgrade

If pip operations continue to show errors after resolution, verify package consistency with pip check to identify any remaining dependency conflicts.

These solutions address both symptom (failed imports) and root cause (binding incompatibilities), ensuring stable package management functionality.