My only gripe...

Hi, rdfm. Thanks for sharing your problem. I'm linking to it in an issue where we're talking about making the error more obvious/transparent: https://github.com/pypa/packaging-problems/issues/130 I've suggested that we put an announcement on http://blog.python.org/ , which syndicates to www.python.org .

For reference (for other folks): PyPI has just turned off support for TLS versions 1.0 and 1.1 (announcement on the general Python announcement email list: https://mail.python.org/pipermail/python-announce-list/20... ). Also, on June 30, 2018, all Python.org sites are going to entirely stop supporting TLS versions 1.0 and 1.1, because PyPI's CDN provider, Fastly, is deprecating support for those versions (blog post: https://pyfound.blogspot.com/2017/01/time-to-upgrade-your... ).

We're seeing that some users of older versions of OpenSSL are affected. Users of OS X versions 10.12 and below who use Python are particularly affected by this deprecation, as the Apple-supplied system Python (version 2.7) links to an older version of OpenSSL, so "pip install" now fails for them. A detailed explanation of that is in https://github.com/pypa/warehouse/issues/3293#issuecommen... . Upgrading pip to 9.0.3 will generally fix the issue. To upgrade affected clients, run:

curl https://bootstrap.pypa.io/get-pip.py | python

Whenever anyone has trouble `pip install`ing anything, I hope they turn up the verbosity with `-vv` to check the error message and check the PyPI/python.org status page http://status.python.org/ . And we've just started up a pretty low-traffic PyPI announcement email list https://mail.python.org/mm3/mailman3/lists/pypi-announce.... that would probably be good for folks to subscribe to if they are at companies that depend on PyPI.