我正在try 使用db_url通过flask应用程序中的一些安全选项连接到远程mysql(MariaDB)数据库.简化测试版本:
from sqlalchemy import create_engine
engine = create_engine(
'mysql+mysqlconnector://user:password@remote.host.com:3306/mydb?'+
'ssl_key=/path/to/key.pem'+
'&ssl_cert=/path/to/scrt.crt'
)
connection = engine.connect()
并获取导致SSL问题的错误
sqlalchemy.exc.InterfaceError: (mysql.connector.errors.InterfaceError) 2026 (HY000): SSL connection error: error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol
(Background on this error at: http://sqlalche.me/e/rvf5)
(我还try 了pymysql而不是mysqlconnector)
HOWEVER (what I don't understand)
mysql -u user -ppassword mydb -h remote.host.com --ssl-cert=/path/to/scrt.crt --ssl-key=/path/to/key.pem
以防万一:
> SHOW VARIABLES LIKE "%version%";
+-----------------------------------+------------------------------------------+
| Variable_name | Value |
+-----------------------------------+------------------------------------------+
| in_predicate_conversion_threshold | 1000 |
| innodb_version | 10.3.34 |
| protocol_version | 10 |
| slave_type_conversions | |
| system_versioning_alter_history | ERROR |
| system_versioning_asof | DEFAULT |
| version | 10.3.34-MariaDB-0ubuntu0.20.04.1 |
| version_comment | Ubuntu 20.04 |
| version_compile_machine | x86_64 |
| version_compile_os | debian-linux-gnu |
| version_malloc_library | system |
| version_source_revision | a36fc80aeb3f835fad02f443d65dc608b74b92d1 |
| version_ssl_library | YaSSL 2.4.4 |
| wsrep_patch_version | wsrep_25.24 |
+-----------------------------------+------------------------------------------+
以防万一2.同样在openssl配置/etc/ssl/openssl.cnf
中(服务器1,而不是remote.host.com)
...
[system_default_sect]
MinProtocol = TLSv1.1
...
注意:我最近将服务器更新为Ubuntu 20.04.4 LTS,将python更新为3.8.10(可能与此无关)