1

I have 2 devices on my local network: a remote MySQL server (using MariaDB 10.3) and a laptop (acting as a client with Python). I need to connect to a remote MySQL server via Python using SSL encryption.

When I try to connect to a remote MySQL server without using SSL everything works good:

import mysql.connector as mysql
HOST = "192.168.1.8"
DATABASE = "some_database_name"
USER = "ssluser"
PASSWORD = "some_password"
db_connection = mysql.connect(host=HOST, database=DATABASE, user=USER, password=PASSWORD)
print("Connected to:", db_connection.get_server_info())

Got the message:

Connected to: 5.5.5-10.3.27-MariaDB-0+deb10u1

But when I try to connect using SSL, I get the error:

import mysql.connector as mysql
HOST = "192.168.1.8"
DATABASE = "some_database_name"
USER = "ssluser"
PASSWORD = "some_password"
SSL_ca='/etc/mysql/ssl/ca.pem'
SSL_cert='/etc/mysql/ssl/client-cert.pem'
SSL_key='/etc/mysql/ssl/client-key.pem'
db_connection = mysql.connect(host=HOST, database=DATABASE, user=USER, password=PASSWORD, ssl_ca=SSL_ca, ssl_cert=SSL_cert, ssl_key=SSL_key, port=3306, ssl_verify_cert=True)
print("Connected to:", db_connection.get_server_info())

Got the error:

InterfaceError: 2026 (HY000): SSL connection error: SSL is required but the server doesn't support it

SSL is required but the server doesn't support it

On a remote MySQL server, I entered the following commands and received the following messages:

  1. SHOW VARIABLES LIKE '%ssl%';
+---------------------+--------------------------------+
| Variable_name | Value |
+---------------------+--------------------------------+
| have_openssl | NO |
| have_ssl | DISABLED |
| ssl_ca | /etc/mysql/ssl/cacert.pem |
| ssl_capath | |
| ssl_cert | /etc/mysql/ssl/server-cert.pem |
| ssl_cipher | TLSv1.2,TLSv1.3 |
| ssl_crl | |
| ssl_crlpath | |
| ssl_key | /etc/mysql/ssl/server-key.pem |
| version_ssl_library | YaSSL 2.4.4 |
+---------------------+--------------------------------+
  1. SHOW SESSION STATUS LIKE 'Ssl_cipher';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| Ssl_cipher | |
+---------------+-------+
  1. STATUS
--------------
mysql Ver 15.1 Distrib 10.3.27-MariaDB, for debian-linux-gnueabihf (armv8l) using readline 5.2
Connection id: 15
Current database: 
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.3.27-MariaDB-0+deb10u1 Raspbian 10
Protocol version: 10
Connection: 127.0.0.1 via TCP/IP
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8mb4
Conn. characterset: utf8mb4
TCP port: 3306
Uptime: 13 hours 21 min 3 sec
Threads: 8 Questions: 17 Slow queries: 0 Opens: 17 Flush tables: 1 Open tables: 11 Queries per second avg: 0.000
--------------

In the config file /etc/mysql/mariadb.conf.d/50-server.cnf on the remote server I have set the following settings, below the line [mysqld]:

bind-address = 0.0.0.0
ssl-ca = /etc/mysql/ssl/cacert.pem
ssl-cert = /etc/mysql/ssl/server-cert.pem
ssl-key = /etc/mysql/ssl/server-key.pem
ssl-cipher = TLSv1.2,TLSv1.3
ssl = on
asked Jan 4, 2021 at 13:15

1 Answer 1

-1

Make sure you've commented out below in cnf

#skip_ssl

answered Nov 4, 2021 at 1:53

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.