Pymongo:SSL握手失败:EOF违反协议(_ssl.c:590)

时间:2017-10-31 11:42:35

标签: mongodb ssl openssl ssl-certificate pymongo

我在使用pymongo连接到MongoDB时遇到SSL握手失败,其中SSL = True

Traceback (most recent call last):
  File "pymongo_ssl.py", line 7, in <module>
    print mongoClient.database_names()
  File "/home/modak/.virtualenvs/enod-venv/local/lib/python2.7/site-packages/pymongo/mongo_client.py", line 1149, in database_names
    "listDatabases")["databases"]]
  File "/home/modak/.virtualenvs/enod-venv/local/lib/python2.7/site-packages/pymongo/database.py", line 491, in command
    with client._socket_for_reads(read_preference) as (sock_info, slave_ok):
  File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
    return self.gen.next()
  File "/home/modak/.virtualenvs/enod-venv/local/lib/python2.7/site-packages/pymongo/mongo_client.py", line 859, in _socket_for_reads
    with self._get_socket(read_preference) as sock_info:
  File "/usr/lib/python2.7/contextlib.py", line 17, in __enter__
    return self.gen.next()
  File "/home/modak/.virtualenvs/enod-venv/local/lib/python2.7/site-packages/pymongo/mongo_client.py", line 823, in _get_socket
    server = self._get_topology().select_server(selector)
  File "/home/modak/.virtualenvs/enod-venv/local/lib/python2.7/site-packages/pymongo/topology.py", line 214, in select_server
    address))
  File "/home/modak/.virtualenvs/enod-venv/local/lib/python2.7/site-packages/pymongo/topology.py", line 189, in select_servers
    self._error_message(selector))
pymongo.errors.ServerSelectionTimeoutError: SSL handshake failed: EOF occurred in violation of protocol (_ssl.c:590)

Python代码

from pymongo import MongoClient
MONGO_URI='mongodb://localhost:27017'
mongoClient = MongoClient(MONGO_URI, ssl=True, ssl_ca_certs='ca-certs.pem')
print mongoClient.database_names()`

1 个答案:

答案 0 :(得分:1)

您可能拥有仅支持TLS 1.0的Python设置 - 而不是TLS 1.1或更高版本。这至少是我遇到的问题。

您可以这样检查:

Python 3

> from urllib.request import urlopen
> urlopen('https://www.howsmyssl.com/a/check').read()

Python 2

> from urllib2 import urlopen
> urlopen('https://www.howsmyssl.com/a/check').read()

检查键tls_version的输出。如果它显示TLS 1.0而不是TLS 1.1TLS 1.2可能是问题。

如果你正在使用virtualenv,请务必在里面运行命令。

解决方案:使用较新版本的OpenSSL

安装Python

为了支持TLS 1.1或更高版本,您可能需要安装较新版本的OpenSSL,然后再安装Python。这应该会给你一个支持TLS 1.1的Python。

此过程取决于您的操作系统 - 这里是OS X的指南。

virtualenv用户
对我来说,我的virtualenv之外的Python有TLS 1.2支持,所以我删除了我的旧virtualenv,并创建了一个具有相同包的新的,然后它工作。容易腻!

另见

    PyMongo文档中的Python 3部分中的
  • The warning about TLS 1.0。虽然它在Python 3部分下,但它也适用于Python 2