For a project I need to make a change to existing code for supporting a MySQL connection using SSL certificates. The implemented package is mysql.connector
and is heavily integrated in other parts of the source-code, so replacing it with pymysql
isn't an option.
Using the following config:
config = {
'user': 'ssl-username',
'password': 'password',
'host': '4.1.3.2',
'ssl_ca': '/path/to/ca.pem',
'ssl_cert': '/path/to/cert.pem',
'ssl_key': '/path/to/key.pem'
}
The following attempts fail:
mysql.connector.connect(**config, client_flags=[ClientFlag.SSL])
mysql.connector.connect(**config, client_flags=[ClientFlag.SSL], use_pure=True)
The following works:
pymysql.connect(**config)
The trace of the failing attempts provide the following info:
Traceback (most recent call last):
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/network.py", line 421, in switch_to_ssl
self.sock.do_handshake()
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL] internal error (_ssl.c:1123)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/__init__.py", line 179, in connect
return MySQLConnection(*args, **kwargs)
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/connection.py", line 95, in __init__
self.connect(**kwargs)
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/abstracts.py", line 716, in connect
self._open_connection()
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/connection.py", line 208, in _open_connection
self._do_auth(self._user, self._password,
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/connection.py", line 134, in _do_auth
self._socket.switch_to_ssl(**ssl_options)
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/network.py", line 426, in switch_to_ssl
raise errors.InterfaceError(
mysql.connector.errors.InterfaceError: 2055: Lost connection to MySQL server at '34.91.73.12:3306', system error: 1 [SSL] internal error (_ssl.c:1123)
>>> del conn_args["client_flags"]
>>> mysql.connector.connect(**conn_args)
Traceback (most recent call last):
File "/home/user/.local/lib/python3.8/site-packages/mysql/connector/network.py", line 421, in switch_to_ssl
self.sock.do_handshake()
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL] internal error (_ssl.c:1123)
What can be wrong, since the error message isn't very descriptive.
I let it rest for a while and after new investigation I found the culprit. Apparently the package has been renamed from mysql-connector
to mysql-connector-python
. Since the error itself was incomplete it took manual inspection of the code to figure out that the latest version from pip3
wasn't actually the latest version.