I'm trying to connect Django to a MySQL database which is accessible through an SSL connection. How do I configure this? My first guess would be setting the 'OPTIONS' property of the database definition. However, I can't find info on what possible options to use. The option <code>'ssl': '/map/to/ca-cert.pem'</code> does not work. The following command seems to work: <pre class="prettyprint"><code>mysql -h url.to.host -u lizard -p --ssl-ca=./ca-cert.pem </code></pre> Edit: Ok I'm looking at the python-mysqldb documentation... maybe I can find the answer there.

The MySQL client must be provided with three keys: <ul> <li>CA cert</li> <li>client cert</li> <li>client key</li> </ul> See the MySQL documentation for the instructions for creating these keys and setting up the server. NOTE: There is an open issue that seems to be related to using openssl v1.0.1 to create the certificates for mysql 5.5.x This is an example entry for the Django settings file: <pre class="prettyprint"><code>DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', 'NAME': '<DATABASE NAME>', 'USER': '<USER NAME>', 'PASSWORD': '<PASSWORD>', 'HOST': '<HOST>', 'PORT': '3306', 'OPTIONS': { 'ssl': {'ca': '<PATH TO CA CERT>', 'cert': '<PATH TO CLIENT CERT>', 'key': '<PATH TO CLIENT KEY>' } } } } </code></pre>

How to connect Django to a MySQL database over an SSL connection?

Tags:

mysql

ssl

django

I'm trying to connect Django to a MySQL database which is accessible through an SSL connection. How do I configure this?

My first guess would be setting the 'OPTIONS' property of the database definition. However, I can't find info on what possible options to use. The option 'ssl': '/map/to/ca-cert.pem' does not work.

The following command seems to work:

mysql -h url.to.host -u lizard -p --ssl-ca=./ca-cert.pem

Edit: Ok I'm looking at the python-mysqldb documentation... maybe I can find the answer there.

563

asked Dec 01 '10 11:12

Jack Ha

2 Answers

The MySQL client must be provided with three keys:

CA cert
client cert
client key

See the MySQL documentation for the instructions for creating these keys and setting up the server.

NOTE: There is an open issue that seems to be related to using openssl v1.0.1 to create the certificates for mysql 5.5.x

This is an example entry for the Django settings file:

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',  
        'NAME': '<DATABASE NAME>',                     
        'USER': '<USER NAME>',
        'PASSWORD': '<PASSWORD>',
        'HOST': '<HOST>', 
        'PORT': '3306',
        'OPTIONS':  {
            'ssl': {'ca': '<PATH TO CA CERT>',
            'cert': '<PATH TO CLIENT CERT>',
            'key': '<PATH TO CLIENT KEY>'
            }
        }
    }
}

151

answered Oct 24 '22 17:10

Drew

I was getting a "SSL connection error: SSL_CTX_set_default_verify_paths failed') "error when running python manage.py migrate

I used pip to install django-mysql-ssl package. It still wasn't working. I had to change "ca" to "ssl-ca" and now it works.

'OPTIONS':  {
                    'ssl': {'ssl-ca': '<PATH TO CA CERT>',

                            }
                      }

I'm not sure if it is actually using encryption, but it no longer throws an error. I am running local django app connected to an AWS mariaDB instance.

Edit: django-mysql-ssl package is not required starting from Django 1.8, as the functionality is built-in now. See Dependencies section in the package description here

Dependencies

This application is confirmed to work with Django 1.5. It should also work with Django 1.6-1.7. This plugin is not necessary for Django 1.8, as the capability is built into the core.

answered Oct 24 '22 17:10

BBaker

Related questions
                            
                                Any tips on planning a large database [closed]
                            
                                MySQL: averaging with nulls
                            
                                SELECT * FROM tbl WHERE clm LIKE CONCAT('%',<other sql query LIMIT 1>,'%') - HOW?
                            
                                How do I install the Rails MySQL adapter?
                            
                                Setting Django/MySQL site to use UTF-8
                            
                                Return Single Field with Rails Query
                            
                                How do I add a total as the last row in my sql?
                            
                                Cannot pass parameter 2 by reference - uuid PDO
                            
                                Access Denied for MYSQL ERROR 1045
                            
                                SQL getting max id field on a LEFT JOIN
                            
                                Deadlock vs Lockwait Timeout on MySQL [closed]
                            
                                c3p0 maxIdleTime is same as wait_timeout of mysql?
                            
                                Not able to use mysql2 gem with Rails 4.1.5 in RubyMine
                            
                                MySQL Unrecognized Keyword near CASE
                            
                                How to import mysqlclient in python3 [duplicate]
                            
                                Hibernate - unable to find Entity with ID
                            
                                Can't connect to db from docker container [duplicate]
                            
                                Is there a mysql function that will format a unix timestamp?
                            
                                What is the best way to use number format in a MySQL query?
                            
                                SQL: select all unique values in table A which are not in table B

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With