8

I am attempting to connect to MongoDB hosted on an AWS instance with a key file. I am able to ssh into the instance and connect to the database with no issues. When I try to connect to the database from a remote location with pymongo I receive this error: ServerSelectionTimeoutError: SSL handshake failed: EOF occurred in violation of protocol

Port 27017 is open and the source is set to 0.0.0.0/0. 

from pymongo import MongoClient

client = MongoClient('mongodb://ec2-123-45-678-910.compute-1.amazonaws.com', 
                     27017, 
                     ssl=True, 
                     ssl_keyfile='/path_to/mykey.pem')

db = client.test
coll = db.foo
coll.insert_many(records)

ServerSelectionTimeoutError: SSL handshake failed: EOF occurred in violation of protocol (_ssl.c:645)

This question is nearly identical to mine, however the error is different and the solution posted there does not apply to my issue.

The address and key here have been changed, I have been going in circles on this for hours with no luck, any help would be appreciated.

Community
  • 1
  • 1
johnchase
  • 13,155
  • 6
  • 38
  • 64
  • The error sounds like the server or client is not configured to do SSL, maybe see https://docs.mongodb.com/manual/tutorial/configure-ssl/ – at0mzk Oct 08 '16 at 01:07
  • Is the `ssl_keyfile` param value the `pem` to the machine instance or to the MongoDB ? See [Configure MongoDB for TLS/SSL](https://docs.mongodb.com/manual/tutorial/configure-ssl/) – Wan B. Oct 09 '16 at 23:16

5 Answers5

6

This issue can cause because of following issue:

  1. version of pymongo (suggest to use 3.3.0, which worked for me)

  2. It can be a DNS issue, etc, in fact you could check for a DNS issue using:

telnet xx.xx.xx.xx port

  1. can be a firewall issue

  2. Can be an issue with ssl key. Try the following to test:

    import os
    
    import pymongo
    
    import ssl
    
    URL="url:port/db?ssl=true"
    
    client = pymongo.MongoClient(URL, ssl_cert_reqs=ssl.CERT_NONE)
    
    db = client.get_default_database()
    
    print db
    
    print db.collection_names()
Parth Soni
  • 11,158
  • 4
  • 32
  • 54
user2805885
  • 1,683
  • 1
  • 14
  • 17
4

I had the same problem (SSL handshake) with Pymongo module to connect to DocumentDB Azure (Data Base).

The error :

ServerSelectionTimeoutError: SSL handshake failed: EOF occurred in violation of protocol (_ssl.c:590)

I was using pymongo==3.4.0

To resolve this :

Change the version of pymongo by installing the 3.3.0 version

pip install pymongo==3.3.0

Try:

import pymongo pymongo.__version__

abdelhadi danba
  • 153
  • 7
1

For me, the problem was that my Python setup only supported TLS 1.0 – not TLS 1.1 or above.

You can check it like this:

Python 3

> from urllib.request import urlopen
> urlopen('https://www.howsmyssl.com/a/check').read()

Python 2

> from urllib2 import urlopen
> urlopen('https://www.howsmyssl.com/a/check').read()

Check the output for the key tls_version. If it says TLS 1.0 and not TLS 1.1 or TLS 1.2 that could be the problem.

If you're using a virtualenv, be sure to run the command inside.

Solution: Install Python with a newer version of OpenSSL

In order support TLS 1.1 or above, you may need to install a newer version of OpenSSL, and install Python again afterwards. This should give you a Python that supports TLS 1.1.

The process depends on your operating system – here's a guide for OS X.

virtualenv users
For me, the Python outside of my virtualenv had TLS 1.2 support, so just I removed my old virtualenv, and created a new one with the same packages and then it worked. Easy peasy!

See also:

  • The warning about TLS 1.0 in the Python 3 section in the PyMongo documenation. Although it's under the Python 3 section it also applies to Python 2
qff
  • 5,524
  • 3
  • 37
  • 62
1

I had the same issue and talked for 30 minutes with the Mongo Atlas support which deployed over AWS. I run the next terminal command:

/Applications/Python\ 3.6/Install\ Certificates.command
Roy Segall
  • 336
  • 2
  • 6
1

I had the same issue. Please check if you are connected via VPN. when I disconnected it resolved my problem.

Suman Rack
  • 11
  • 1
  • its better to say this kind of answer with comment to the question – javad bat Jan 07 '20 at 06:09
  • This post isn't an actual attempt at answering the question. Please note [StackOverflow doesn't work like a discussion forum](http://stackoverflow.com/tour), it is a Q&A site where every post is either a question or an answer to a question. Posts can also have [comments](http://stackoverflow.com/help/privileges/comment) - small sentences like this one - that can be used to critique or request clarification from an author. This should be either a comment or a [new question](http://stackoverflow.com/questions/ask) – ρяσѕρєя K Jan 07 '20 at 06:20