Search code examples
pythonmysqlsslpymysql

Python: Error with mysql.connector and SSL, but works with pymysql.connect


For a project I need to make a change to existing code for supporting a MySQL connection using SSL certificates. The implemented package is mysql.connector and is heavily integrated in other parts of the source-code, so replacing it with pymysql isn't an option.

Using the following config:

config = {
    'user': 'ssl-username',
    'password': 'password',
    'host': '4.1.3.2',
    'ssl_ca': '/path/to/ca.pem',
    'ssl_cert': '/path/to/cert.pem',
    'ssl_key': '/path/to/key.pem'
}

The following attempts fail:

mysql.connector.connect(**config, client_flags=[ClientFlag.SSL])
mysql.connector.connect(**config, client_flags=[ClientFlag.SSL], use_pure=True)

The following works:

pymysql.connect(**config)

The trace of the failing attempts provide the following info:

Traceback (most recent call last):
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/network.py", line 421, in switch_to_ssl
    self.sock.do_handshake()
  File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL] internal error (_ssl.c:1123)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/__init__.py", line 179, in connect
    return MySQLConnection(*args, **kwargs)
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/connection.py", line 95, in __init__
    self.connect(**kwargs)
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/abstracts.py", line 716, in connect
    self._open_connection()
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/connection.py", line 208, in _open_connection
    self._do_auth(self._user, self._password,
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/connection.py", line 134, in _do_auth
    self._socket.switch_to_ssl(**ssl_options)
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/network.py", line 426, in switch_to_ssl
    raise errors.InterfaceError(
mysql.connector.errors.InterfaceError: 2055: Lost connection to MySQL server at '34.91.73.12:3306', system error: 1 [SSL] internal error (_ssl.c:1123)
>>> del conn_args["client_flags"]
>>> mysql.connector.connect(**conn_args)
Traceback (most recent call last):
  File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/network.py", line 421, in switch_to_ssl
    self.sock.do_handshake()
  File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL] internal error (_ssl.c:1123)

What can be wrong, since the error message isn't very descriptive.


Solution

  • I let it rest for a while and after new investigation I found the culprit. Apparently the package has been renamed from mysql-connector to mysql-connector-python. Since the error itself was incomplete it took manual inspection of the code to figure out that the latest version from pip3 wasn't actually the latest version.