I am trying to connect flask app mysql connection with AWS RDS over ssl , It works when I am try to use mysql client like this
mysql -u user -h myrds.rds.amazonaws.com -p --ssl-ca=rds-combined-ca-bundle.pem
I am able to login but when I am try with flask app
SQLALCHEMY_DATABASE_URI = 'mysql://user:Password@myrds.rds.amazonaws.com.rds.amazonaws.com/miro_dev?ssl_cert=rds-combined-ca-bundle.pem'
it send me error
sqlalchemy.exc.OperationalError: (_mysql_exceptions.OperationalError) (2026, 'SSL connection error: Unable to get private key')
I think that in your case the connection string is correct, you just need to use ssl_ca option and not ssl_cert:
SQLALCHEMY_DATABASE_URI = 'mysql://user:password@myrds.rds.amazonaws.com.rds.amazonaws.com/miro_dev?ssl_ca=rds-combined-ca-bundle.pem'
I was able to get this work by adding
?sslmode=verify-ca&sslrootcert=rds-combined-ca-bundle.pem
to the connection string.
This came from the postgresql docs here along with the aws docs.
You can change the sslmode to require if you do not care about verifying the rds. I downloaded the pem file from here.
I do this:
...
ssl_args = {'ssl': {'ca': 'YOUR_SSL_CERT_PATH'}}
db_url = 'mysql://{}:{}@{}/{}'.format(username, password, server, database)
engine = create_engine(db_url, connect_args=ssl_args, echo=False)
cnx = engine.connect()
df = pd.read_sql_table('table_name', cnx)
And I'd suggest to not input a path like follows:
~/...
but:
/home/YOUR_USER/...
来源:https://stackoverflow.com/questions/36372772/flask-sqlalchemy-ssl-connection-with-aws-rds-error