Cannot TLS connect to GCP Cloud SQL(MySQL) using python3
Question
import ssl
sc = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
sc.load_verify_locations(cafile='./server-ca.pem')
sc.load_cert_chain(certfile='./client-cert.pem', keyfile='./client-key.pem')
#sc.check_hostname = False
async with aiomysql.create_pool(
host=host,
port=port,
user=user,
password=password,
db=db,
ssl=sc
)
I'm getting an error like this.
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: IP address mismatch, certificate is not valid for 'ip_address'. (_ssl.c:1108)
server-ca.pem, client-cert.pem, and client-key.pem are exported from the connection tab of GCP Cloud SQL.
#mysql --ssl-ca=./server-ca.pem --ssl-cert=./client-cert.pem --ssl-key=./client-key.pem --host=host --user=user --password
This mysql command can be used to access.
I would like you to tell me what the problem is.
1 answers
solution1
3 2020-04-21 18:06:57
Just encountered the same problem. You need to set the parameter check_hostname=False , such that SSL doesn't try to verify it.
ssl = {
'cert': ...,
'key': ...,
'ca': ...,
'check_hostname': False,
}
I'm using PyMySQL. You might look into how that applies to SSLContext in your case.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.