Details
-
Bug
-
Status: Closed (View Workflow)
-
Minor
-
Resolution: Not a Bug
-
1.0.2, 1.0.6
-
None
-
Client:
- Ubuntu Xenial 16.04
- Python3.6
SSL cert creation:
- OpenSSL 1.0.2g
Server version:
- 10.1.44-MariaDB-0ubuntu0.18.04.1 Ubuntu 18.04
Python 3.6.11
Description
What I want:
Upgrade MariaDB Connector/Python from version 1.0.1 to any more recent versions.
Problem:
I get an error when using mariadb.connect():
SSL connection error: self signed certificate
|
What I did:
Because of some technical limitations, I have to compile and install MariaDB Connector/Python on a build machine and then move the resulting files to the machine that runs the Python code.
I have been following these instructions:
https://mariadb.com/kb/en/about-mariadb-connector-odbc/#installing-mariadb-connectorodbc-on-debianubuntu
With 1.0.1 I can connect with TLS with this code:
[truncated]
|
ssl = { 'ssl_ca': ca_path } |
|
|
|
|
conn = mariadb.connect( |
user = user, |
password = pwd, |
host = host, |
port = port, |
database = db_name, |
ssl = ssl |
)
|
[truncated]
|
With 1.0.2 and above, that code returns this error:
ssl = ssl
|
TypeError: an integer is required (got type dict)
|
This is easily fixable with this code:
conn = mariadb.connect( |
user = user, |
password = pwd, |
host = host, |
port = port, |
database = db_name, |
ssl_ca = ca_path, |
)
|
But then, we get a new error, which is what I need help with:
SSL connection error: self signed certificate
|
I don't know what makes this error show up from version 1.0.1 to 1.0.2, and I can't find relevant information on the internet.
Some additional info:
OpenSSL:
OpenSSL> version
|
OpenSSL 1.0.2g 1 Mar 2016
|
MariaDB SSL vars:
MariaDB [(none)]> SHOW VARIABLES LIKE '%ssl%';
|
+---------------------+------------------------------------------+
|
| Variable_name | Value |
|
+---------------------+------------------------------------------+
|
| have_openssl | NO |
|
| have_ssl | YES |
|
| ssl_ca | /etc/mysql/certificates//ca.pem |
|
| ssl_capath | |
|
| ssl_cert | /etc/mysql/certificates//server-cert.pem |
|
| ssl_cipher | |
|
| ssl_crl | |
|
| ssl_crlpath | |
|
| ssl_key | /etc/mysql/certificates//server-key.pem |
|
| version_ssl_library | YaSSL 2.4.4 |
|
+---------------------+------------------------------------------+
|
10 rows in set (0.00 sec)
|
|
|
MariaDB [(none)]> show session status like 'ssl_version';
|
+---------------+-------+
|
| Variable_name | Value |
|
+---------------+-------+
|
| Ssl_version | TLSv1 |
|
+---------------+-------+
|
1 row in set (0.00 sec)
|
|
|
MariaDB [(none)]> show session status like 'ssl_cipher';
|
+---------------+--------------------+
|
| Variable_name | Value |
|
+---------------+--------------------+
|
| Ssl_cipher | DHE-RSA-AES256-SHA |
|
+---------------+--------------------+
|
1 row in set (0.00 sec)
|
|