Connectors-python mysql - selfsigned SSL can not verify

lenny1 · August 23, 2023, 6:46pm

Hello,

when I try to connect to our mysql / mariadb database instance using SSL and providing the CA-cert.pem file of the selfsigned certificate, the connectors-python connector outputs an error that the selfsigned SSL certificate of our database server can't be verified.

ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:997)

full error message from connectors-python with DEBUG loglevel activated:

$ make run
....
[FMWK][18:18:30][DEBUG] Polling every 30 seconds for Job Execution Service
[FMWK][18:18:30][DEBUG] Polling every 30 seconds for Job Scheduling Service
[FMWK][18:18:30][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv] Status is Status.CONNECTED
[FMWK][18:18:30][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv] Filtering is in state valid, skipping...
[FMWK][18:18:30][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv] 'full' sync scheduling is disabled
[FMWK][18:18:30][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv, Sync job id: YYYY] Setting '_features' for MySQL
[FMWK][18:18:30][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv, Sync job id: YYYY] Validating configuration
[FMWK][18:18:31][DEBUG] Retrying (1 of 3) with interval: 2 and strategy: EXPONENTIAL_BACKOFF
[FMWK][18:18:33][DEBUG] Retrying (2 of 3) with interval: 2 and strategy: EXPONENTIAL_BACKOFF
[FMWK][18:18:37][ERROR] [Connector id: XXXXXXXX, index name: search-mysqlsrv, Sync job id: YYYY] (2003, "Can't connect to MySQL server on 'XXX.XXX.XXX.XXX'")
Traceback (most recent call last):
  File "/app/connectors-python/lib/python3.10/site-packages/aiomysql/connection.py", line 501, in _connect
    await self._request_authentication()
  File "/app/connectors-python/lib/python3.10/site-packages/aiomysql/connection.py", line 706, in _request_authentication
    self._reader, self._writer = await asyncio.open_connection(
  File "/usr/local/lib/python3.10/asyncio/streams.py", line 47, in open_connection
    transport, _ = await loop.create_connection(
  File "/usr/local/lib/python3.10/asyncio/base_events.py", line 1089, in create_connection
    transport, protocol = await self._create_connection_transport(
  File "/usr/local/lib/python3.10/asyncio/base_events.py", line 1119, in _create_connection_transport
    await waiter
  File "/usr/local/lib/python3.10/asyncio/sslproto.py", line 534, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/local/lib/python3.10/asyncio/sslproto.py", line 188, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/local/lib/python3.10/ssl.py", line 975, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:997)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/app/connectors-python/connectors/sync_job_runner.py", line 126, in execute
    await self.data_provider.validate_config()
  File "/app/connectors-python/connectors/sources/mysql.py", line 458, in validate_config
    await self._remote_validation()
  File "/app/connectors-python/connectors/utils.py", line 450, in wrapped
    raise e
  File "/app/connectors-python/connectors/utils.py", line 447, in wrapped
    return await func(*args, **kwargs)
  File "/app/connectors-python/connectors/sources/mysql.py", line 466, in _remote_validation
    async with self.mysql_client() as client:
  File "/app/connectors-python/connectors/sources/mysql.py", line 186, in __aenter__
    self.connection_pool = await aiomysql.create_pool(**connection_string)
  File "/app/connectors-python/lib/python3.10/site-packages/aiomysql/pool.py", line 29, in _create_pool
    await pool._fill_free_pool(False)
  File "/app/connectors-python/lib/python3.10/site-packages/aiomysql/pool.py", line 167, in _fill_free_pool
    conn = await connect(echo=self._echo, loop=self._loop,
  File "/app/connectors-python/lib/python3.10/site-packages/aiomysql/connection.py", line 75, in _connect
    await conn._connect()
  File "/app/connectors-python/lib/python3.10/site-packages/aiomysql/connection.py", line 519, in _connect
    raise OperationalError(2003,
pymysql.err.OperationalError: (2003, "Can't connect to MySQL server on 'XXX.XXX.XXX.XXX'")
[FMWK][18:18:37][INFO] [Connector id: XXXXXXXX, index name: search-mysqlsrv, Sync job id: YYYY] Sync done: 0 indexed, 0 deleted. (6 seconds)
[FMWK][18:19:00][DEBUG] Polling every 30 seconds for Job Scheduling Service
[FMWK][18:19:01][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv] Status is Status.ERROR
[FMWK][18:19:01][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv] Filtering is in state valid, skipping...
[FMWK][18:19:01][DEBUG] [Connector id: XXXXXXXX, index name: search-mysqlsrv] 'full' sync scheduling is disabled

lenny1 · August 24, 2023, 12:08am

Is there an option to disable certificate validation?

system · September 21, 2023, 12:09am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Python SSL Error Elasticsearch	13	27952	August 14, 2019
SSL Cert in MySQL Connector Elasticsearch connectors	1	135	February 21, 2024
Python 3.6 and SSL issues Elasticsearch	3	1519	June 26, 2019
Connecting to Elasticsearch via Python with SSL and client certificate --> CERTIFICATE_VERIFY_FAILED Elasticsearch	2	2054	June 16, 2017
Connecting to %s using SSL with verify_certs=False is insecure Elasticsearch	4	9893	December 26, 2019

Connectors-python mysql - selfsigned SSL can not verify

Related topics