MySQL ERROR 2026 - SSL connection error - Ubuntu 20.04
Ubuntu 20 has improved the security level. The only way i could connect whas allowing the tls 1 .
Edit this file:
/usr/lib/ssl/openssl.cnf
And put at the beginning of file:
openssl_conf = default_conf
And in the end of that file too:
[ default_conf ]
ssl_conf = ssl_sect
[ssl_sect]
system_default = ssl_default_sect
[ssl_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT:@SECLEVEL=1
It help me a lot: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level
For anyone googling, you can use this flag in mysql
cmd: --ssl-mode=DISABLED
. I.E:
mysql -uuser -p'myPassw0rd!' -hmysql.company.com --ssl-mode=DISABLED
Add this to your mysql 5.7 server config file and then restart your mysql service
[mysqld]
tls_version=TLSv1.2
Now you should be able to connect to it using tls 1.2, which is the default in Ubuntu 20.04
For the sake of completeness, in Ubuntu 20.04 actually my.cnf
and mysql.cnf
are actually the same file. So editing either one will work.
$ readlink -f /etc/mysql/my.cnf
/etc/mysql/mysql.cnf
Bump mysqlclient
to v2.X, which added ssl_mode
option, https://github.com/PyMySQL/mysqlclient-python/blob/main/HISTORY.rst
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'yamcha',
'USER': 'yamcha',
'PASSWORD': 'xxxxxxxxxxxxxxx',
'HOST': 'database.yourproject.com',
'PORT': '3309',
'OPTIONS': {'ssl_mode': 'DISABLED'},
}
}