ssl flask-sqlalchemy google-cloud-sql pymysql

Lost connection to MySQL while connecting using SSL

I am trying to connect to a Cloud SQL instance running MySQL using SSL and Flask-SQLAlchemy. Here are the steps I've followed:

I've been able to open a connection over 127.0.0.1:3306 using the Cloud SQL Auth Proxy just fine
I can successfully connect to the DB using MySQL Workbench in this configuration, so then I tried connecting with SSL
I generated the client certs
I specified the following connect args:

current_app.config['SQLALCHEMY_POOL_RECYCLE'] = 280
current_app.config['SQLALCHEMY_POOL_TIMEOUT'] = 20
current_app.config['SQLALCHEMY_ENGINE_OPTIONS'] = {
      'connect_args': {
          'ssl': {
              'cert': '~/AppData/Local/Google/Cloud SDK/Projects/SIF/certs/client-cert.pem',
              'key': '~/AppData/Local/Google/Cloud SDK/Projects/SIF/certs/client-key.pem',
              'ca': '~/AppData/Local/Google/Cloud SDK/Projects/SIF/certs/server-ca.pem'
          }
      }
  }

Now, whenever I try to open a connection, I get the error Lost connection to MySQL server during query

What am I doing wrong here?

Side question: Do I even need to try to configure SSL when connecting to the DB from within App Engine?

Solution

If you are connecting via the Cloud SQL Auth Proxy, client SSL certificates are not required nor supported. The proxy handles authentication and encryption with Cloud SQL. If you add SSL certificates to connect to the proxy, the connection will fail as the proxy is not expecting that connection type.