MySQL ERROR 2026 - SSL connection error - Ubuntu 20.04

Ubuntu 20 has improved the security level. The only way i could connect whas allowing the tls 1 .

Edit this file:

/usr/lib/ssl/openssl.cnf

And put at the beginning of file:

openssl_conf = default_conf

And in the end of that file too:

[ default_conf ]

ssl_conf = ssl_sect

[ssl_sect]

system_default = ssl_default_sect

[ssl_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT:@SECLEVEL=1

It help me a lot: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level


For anyone googling, you can use this flag in mysql cmd: --ssl-mode=DISABLED. I.E:

mysql -uuser -p'myPassw0rd!' -hmysql.company.com --ssl-mode=DISABLED

Add this to your mysql 5.7 server config file and then restart your mysql service

[mysqld]
tls_version=TLSv1.2

Now you should be able to connect to it using tls 1.2, which is the default in Ubuntu 20.04


For the sake of completeness, in Ubuntu 20.04 actually my.cnf and mysql.cnf are actually the same file. So editing either one will work.

$ readlink -f /etc/mysql/my.cnf
/etc/mysql/mysql.cnf

Bump mysqlclient to v2.X, which added ssl_mode option, https://github.com/PyMySQL/mysqlclient-python/blob/main/HISTORY.rst

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'yamcha',
        'USER': 'yamcha',
        'PASSWORD': 'xxxxxxxxxxxxxxx',
        'HOST': 'database.yourproject.com',
        'PORT': '3309',
        'OPTIONS': {'ssl_mode': 'DISABLED'},
    }
}