[英]pymysql cannot connect with SSL
I am trying to connect to a MySQL database using python but I am getting a strange error. 我试图使用python连接到MySQL数据库,但我收到一个奇怪的错误。 It is compounded by the fact that I can use the same connection values from the
mysql
console command and it connects with no problems. 事实上,我可以使用
mysql
控制台命令中的相同连接值,并且连接没有任何问题。
Here is the exact code I am using: 这是我正在使用的确切代码:
import pymysql from checks import AgentCheck 从check导入pymysql导入AgentCheck
class DelayedJobCheck(AgentCheck):
def check(self, instance):
self.log.info("testing connection")
self.log.info(instance)
connection = pymysql.connect(**instance)
cur = cnx.cursor(buffered=True)
cur.execute("SHOW STATUS LIKE 'Ssl_cipher'")
print(cur.fetchone())
cur.close()
cnx.close()
self.gauge('hello.world', 1)
This is the error that I am getting: 这是我得到的错误:
Traceback (most recent call last): File "/opt/datadog-agent/agent/checks/__init__.py", line 661, in run self.check(copy.deepcopy(instance)) File "/opt/datadog-agent/agent/checks.d/delayed_job.py", line 10, in check connection = pymysql.connect(**instance) File "/opt/datadog-agent/embedded/lib/python2.7/site-packages/pymysql/__init__.py", line 88, in Connect return Connection(*args, **kwargs) File "/opt/datadog-agent/embedded/lib/python2.7/site-packages/pymysql/connections.py", line 644, in __init__ self._connect() File "/opt/datadog-agent/embedded/lib/python2.7/site-packages/pymysql/connections.py", line 869, in _connect raise exc OperationalError: (2003, u"Can't connect to MySQL server on '192.168.199.86' ([SSL: SSL_NEGATIVE_LENGTH] dh key too small (_ssl.c:590))")
I am running this code on a Ubuntu box and I though initially that it might be because the SSL CA is a self generated cert. 我在Ubuntu盒子上运行此代码,但我最初可能是因为SSL CA是自生成的证书。 So I followed the steps here But, it did not make any difference.
所以我按照这里的步骤但是,它没有任何区别。 Also I have verified that the process that is running this code has full access to the cert files
此外,我已经验证运行此代码的进程具有对cert文件的完全访问权限
Any ideas what else might be causing this? 还有什么想法可能导致这个问题吗?
As the err info said dh key is too small, a larger one might help. 由于错误的信息说dh键太小,一个更大的键可能会有所帮助。 Replace the default dh512.pem file with dh4096.pem
用dh4096.pem替换默认的dh512.pem文件
sudo wget "https://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=apps/dh4096.pem" -O dh4096.pem
Ref: http://www.alexrhino.net/jekyll/update/2015/07/14/dh-params-test-fail.html 参考: http : //www.alexrhino.net/jekyll/update/2015/07/14/dh-params-test-fail.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.