Unable to install libssl1.0.0:i386 due to "unmet dependencies"?

Question

I have read and followed the advice in this question to no avail. I am attempting to install libssl1.0.0:i386 on my 14.04 box (amd64), but when I try to do this via APT, I receive the following error message:

nathan@nathan-desktop:~$ sudo apt-get install libssl1.0.0:i386
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help resolve the situation:

The following packages have unmet dependencies:
 default-jre-headless : Depends: openjdk-7-jre-headless (>= 7~u3-2.1.1) but it is not going to be installed
 openjdk-7-jre : Depends: openjdk-7-jre-headless (= 7u55-2.4.7-1ubuntu1) but it is not going to be installed
                 Recommends: libgnome2-0 but it is not going to be installed
                 Recommends: libgnomevfs2-0 but it is not going to be installed
 openssh-client : Depends: libssl1.0.0 (>= 1.0.1) but it is not going to be installed
 openssh-server : Depends: libssl1.0.0 (>= 1.0.1) but it is not going to be installed
                  Depends: openssh-sftp-server but it is not going to be installed
                  Recommends: ssh-import-id but it is not going to be installed
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.

I have all of the latest updates installed. I have run apt-get -f install. I have made sure that all repositories are enabled in Software Sources.

What could be causing this?

Update:

Here are the contents of apt-cache policy libssl1.0.0:

libssl1.0.0:
  Installed: 1.0.1g-1ppa1~trusty1
  Candidate: 1.0.1g-1ppa1~trusty1
  Version table:
 *** 1.0.1g-1ppa1~trusty1 0
        100 /var/lib/dpkg/status
     1.0.1f-1ubuntu2.1 0
        500 http://ca.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
     1.0.1f-1ubuntu2 0
        500 http://ca.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages

...and apt-cache policy libssl1.0.0:i386:

libssl1.0.0:i386:
  Installed: (none)
  Candidate: 1.0.1f-1ubuntu2.1
  Version table:
     1.0.1f-1ubuntu2.1 0
        500 http://ca.archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages
        500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386 Packages
     1.0.1f-1ubuntu2 0
        500 http://ca.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages

This could easily be due to a version mismatch for whatever reason. When installing multiarch packages, the versions must be identical. Have you run sudo apt-get update to ensure your package lists are up to date? What do apt-cache policy libssl1.0.0 and apt-cache policy libssl1.0.0:i386 show? — Michael Miller, May 07 '14 at 05:27
If you don't have openjdk = 7u55 and libssl = 1.0.1 than for whatever reason you don't in fact have the latest updates. Do you indeed have held packages as suggested? These 2 versions are the latest critical security updates and break earlier versions. — chaskes, May 07 '14 at 05:30
@mtmiller: I've added the output of the last two. I'm noticing something unusual in the first one. — Nathan Osman, May 07 '14 at 05:30
You have ppa's instead of the standard package for libssl. Can the 386 version be on a different version? If not, there's the problem. — chaskes, May 07 '14 at 05:31
Yeah, that's what I just noticed too. But the only two .list files I have in /etc/apt/sources.list.d are for Google Web Designer and Google Music Manager. Shouldn't PPAs show up in that directory? — Nathan Osman, May 07 '14 at 05:34
Hmm, but I would guess that since the update to ssl took awhile, you installed a ppa to get the fix immediately. And what's going on with your openjdk? Why not 7u55? — chaskes, May 07 '14 at 05:35
@chaskes: You are absolutely right (good thinking). I did do that. Now how do I undo this mess? As for OpenJDK - I'm betting that it's getting held due to OpenSSL. No wait - I don't think I installed OpenJDK 7... I only installed 6. — Nathan Osman, May 07 '14 at 05:36
@NathanOsman: Try apt-get install libssl1.0.0/trusty. If you don't have a PPA configured now, that should downgrade to the version from the 14.04 repository. Then you should be able to install libssl1.0.0:i386. — Michael Miller, May 07 '14 at 05:38
@mtmiller: If I do that, I am warned that "The following packages will be REMOVED: libcurl4-openssl-dev libpq-dev libssl-dev postgresql-server-dev-9.3 postgresql-server-dev-all" — Nathan Osman, May 07 '14 at 05:40
What if you set them to manual first? Also, have you in fact removed the ppa? If so, you should just be able to run apt-get update and get the standard version again. — chaskes, May 07 '14 at 05:41
@chaskes: I've set them to manual with apt-mark but apt still insists that they will be removed if I downgrade libssl. I'm not sure if apt-get update will update since the PPA version ended in g and the repository's version ends in f still. — Nathan Osman, May 07 '14 at 05:44
@NathanOsman: Is it possible these packages also came from a PPA and were rebuilt to depend on the 1.0.1g version of libssl you have installed? — Michael Miller, May 07 '14 at 05:45
@mtmiller: Nope - impossible. I'm actually the guy that uploaded the OpenSSL packages to the PPA and those were the only packages I uploaded. (I created the PPA and uploaded the packages the day Heartbleed was announced.) — Nathan Osman, May 07 '14 at 05:46
apt-get update won't update the ppa,no. but removing the ppa (it must still be in your regular sources.list will let update install the f version. — chaskes, May 07 '14 at 05:50
I finally made it work with this: "sudo apt-get install libssl1.0.0/trusty libssl-dev/trusty openssl/trusty". — Nathan Osman, May 07 '14 at 06:44
@NathanOsman, ok that makes sense, because libssl-dev came from the same PPA. I was looking right past that earlier. — Michael Miller, May 07 '14 at 13:44
@NathanOsman I'm writing up this discussion into an answer because I think it might be useful to see the complete solution described and explained. If it turns out not to be useful or a duplicate of another answer that I missed, that's fine too. — Michael Miller, May 07 '14 at 17:53

score 21 · Answer 1 · edited Jun 25 '20 at 19:34

21

I am using Ubuntu 20.04, below steps work for me:

Add 18.04's main repository using

echo "deb http://security.ubuntu.com/ubuntu bionic-security main" | sudo tee -a /etc/apt/sources.list.d/bionic.list

Update repository cache and check if libssl1.0-dev is now available.

sudo apt update
apt-cache policy libssl1.0-dev

Install libssl1.0-dev.

sudo apt-get install libssl1.0-dev

edited Jun 25 '20 at 19:34

Kulfy

17,696

answered Jun 25 '20 at 19:02

Javatech Automation

211

1

I was having this issue on ec2 ubuntu 20 instance and this solved the issue. – easwee Oct 30 '20 at 11:22

score 9 · Accepted Answer · edited Apr 13 '17 at 12:24

This kind of error message usually indicates that a package is being installed that conflicts with other installed packages and would have forced removal of other dependent packages. When installing the same package for more than one architecture at the same time (see MultiArch), amd64 and i386 in this case, the versions of the packages to be installed must match exactly.

What likely happened in this case (confirmed by our discussion in the comments) is that libssl1.0.0 was upgraded to a PPA version that is newer than any version available from the Ubuntu repositories. If the PPA was later disabled or unconfigured, the newer packages normally remain installed. Read this question for the difference between disabling and purging a PPA. However, if you've already removed the PPA from your apt configuration, you'll need to manually downgrade the packages that were previously upgraded from the PPA.

To be able to install libssl1.0.0:i386, you must have the same version of libssl1.0.0:amd64 installed from the repository. And because the openssl source package builds multiple related binary packages, you have to ensure that all of its packages are also on the same version. If you don't specify all packages you want to downgrade, apt will prefer to uninstall rather than downgrade. In this case, if you have libssl1.0.0, libssl-dev, and openssl installed from a PPA, you should

sudo apt-get install libssl1.0.0/trusty libssl-dev/trusty openssl/trusty

Answer yes to apt-get's prompt about downgrading the packages. You should now be able to install the libssl1.0.0:i386 package from the repository.

Glad to see you answered. I was just about to suggest you turn your comments into an answer. :) — chaskes, May 07 '14 at 18:06
For people on Ubuntu 16.04, you'll have to run this :
sudo apt-get install libssl/xenial libssl-dev/xenial openssl/xenial — Manan Jadhav, Dec 18 '16 at 16:24

score 2 · Answer 3 · edited Apr 16 '18 at 10:57

2

This is because the web socket library is not installed. Try running

sudo apt-get install libwebsockets-dev

before running

sudo apt-get install mosquitto

edited Apr 16 '18 at 10:57

muru

197,895
55
485
740

answered Apr 16 '18 at 10:44

sharat kanthi

21

score 1 · Answer 4 · answered Jun 29 '17 at 02:57

I reached here trying to install the official mongodb-org on debian 9 stretch. However I faced a similar error than you:

user@debian:~/folder$ sudo apt-get install -y mongodb-org
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 mongodb-org : Depends: mongodb-org-shell but it is not going to be installed
               Depends: mongodb-org-server but it is not going to be installed
               Depends: mongodb-org-mongos but it is not going to be installed
               Depends: mongodb-org-tools but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

and trying to install the packages one by one:

user@debian:~/folder$ sudo apt-get install -y mongodb-org-tools 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 mongodb-org-tools : Depends: libssl1.0.0 (>= 1.0.1) but it is not installable
E: Unable to correct problems, you have held broken packages.

And I found my solution in next article: https://linuxconfig.org/how-to-install-spotify-on-debian-9-stretch-linux

It only install the old ssl package doing:

$ wget http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
$ sudo dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb

After doing this, mongodb-org was installed good. hope you'll find it helpful.

Actual link is http://security-cdn.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u10_amd64.deb — AstraSerg, Nov 24 '18 at 06:03

Unable to install libssl1.0.0:i386 due to "unmet dependencies"?

4 Answers4

Linked