"SSL handshake failed: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]")>]>

"SSL handshake failed: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]")>]>

所以我在 AWS 上创建了一个 documentDB 集群,并将其托管在 EC2 实例上。他们都在同一个VPC中。

在 EC2 实例中,我可以使用

通过 shell 连接到它
mongo --ssl --host <Hostname> --sslCAFile rds-combined-ca-bundle.pem --username <Username>--password <insertYourPassword>

但是当我尝试 运行 我的 python 文件进行连接时,它给了我一个警告

/home/ubuntu/.local/lib/python3.8/site-packages/pymongo/common.py:787: UserWarning: Unknown option ssl_ca_certs
  warnings.warn(str(exc))

然后我得到一个错误

pymongo.errors.ServerSelectionTimeoutError: SSL handshake failed: <Hostname>: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')], Timeout: 30s, Topology Description: <TopologyDescription id: 62520d257a1153e03b78ec0b, topology_type: Unknown, servers: [<ServerDescription ('<Hostname>', 27017) server_type: Unknown, rtt: None, error=AutoReconnect("SSL handshake failed: <Hostname>: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]")>]>

这是 conntest.py

的代码
url = 'mongodb://<Username>:<insertYourPassword>@<host>/?ssl=true&ssl_ca_certs=rds-combined-ca-bundle.pem&retryWrites=false' 


client = pymongo.MongoClient(url) 

##Specify the database to be used
db = client.sample_database

##Specify the collection to be used
col = db.sample_collection

##Insert a single document
col.insert_one({'hello':'Amazon DocumentDB'})

##Find the document that was previously written
x = col.find_one({'hello':'Amazon DocumentDB'})

##Print the result to the screen
print(x)

##Close the connection
client.close()

参数组是默认的,除了 tls :禁用 ttl_monitor:禁用

.pem 文件本地保存在与 python 代码相同的文件夹中

您的 URL 字符串有误。你需要这样的东西:

url = 'mongodb://<Username>:<insertYourPassword>@<host>/?ssl=true&tlsCertificateKeyFile=rds-combined-ca-bundle.pem&retryWrites=false' 

我不确定您从哪里得到 ssl_ca_certs 参数。所有 URL 参数都记录在案 here