Access denied while trying to establish SSL connection to Mysql server using python-mysql-connector

Question

I have a python app that needs to establish an ssl encrypted remote connection to a Mysql database. I am using the python-mysql-connector library.
Here is an example of the code:

config {
    'host':    'XX.XX.XX.XX',
    'user':    'user',
    'password':'password',
    'ssl_ca':  '/etc/app/ssl/ca.pem',
    'database':'database'
}
conn = mysql.connector.connect(**config)

SSL is enabled on the server.

The user is set up to require SSL (not X509).

I have FLUSH PRIVILEGES;

The file ca.pem was generated on the server and copied to the client machine and has the proper read permissions for the app.

Whenever I execute this code, I receive an error:

ERROR: MYSQL ERROR: 1045 (28000): Access denied for user 'user'@'XX.XX.XX.XX' (using password: YES)

This error only appears when I am using the python library to connect AND the the user is set to REQUIRE SSL. If I strip back the REQUIRE SSL requirement, I can connect. Albeit, with no ssl though.

I can run successfully on the client machine (as well as any other machine):

mysql -u 'user' -p -h XX.XX.XX.XX

This provides a secure connection.

Can anybody help me figure out how and why mysql-client has no problem establishing a secure connection while python-mysql-connector wil not?

Answer 1

The problem was permissions problem. While the file ca.pem had the appropriate permissions, it's directory (app/) did not have read access. Hence, the file could not be read.