Share via

SSL handshake failed in cosmosdb mongo api with python

PALMA MARTINEZ, YERAY (EXTERNAL) 25 Reputation points
2023-08-17T07:23:37.85+00:00

I am trying to connect a database in azure cosmos that uses the Mongo DB API in Python. When I create the client, I get the SSL handshake failed error and I don't know how to solve it. I am aware that there is some thread that talks about this issue, and I have added to my code its recommendation, however I have not been able to make it work.

I have added the tlsCAFile=certifi.where() when creating the client, but I have not been able to solve it. I have seen people recommending ssl_cert_reqs=ssl.CERT_NONE or tlsAllowInvalidCertificates=True, but I don't want to mute the problem and lose security. Furthermore, even assuming the security loss I have not been able to make it work.

I am relying on this Azure Cosmos help page to create my client. I have already configured the environment variables.

Link to azure tutorial

Any help is welcome, thank you very much in advance. I have also this question in Stackoverflow

This is my code summarized:

import getpass
import certifi
import pymongo
import os
import sys
import pymongo
from dotenv import load_dotenv
from random import randint

#[...]

def main():
    """Connect to the API for MongoDB, create DB and collection, perform
    CRUD operations
    """
    # Variable for resource group name
    load_dotenv()
    CONNECTION_STRING = os.environ.get("COSMOS_CONNECTION_STRING")
    client = pymongo.MongoClient(CONNECTION_STRING,tls=True,tlsCAFile=certifi.where())

    for prop, value in vars(client.options).items():
        print("Property: {}: Value: {} ".format(prop, value))

    try:
        client.server_info()  # validate connection string
    except pymongo.errors.ServerSelectionTimeoutError:
        raise TimeoutError(
            "Invalid API for MongoDB connection string \
                or timed out when attempting to connect"
        )

    collection = create_database_unsharded_collection(client)
    document_id = insert_sample_document(collection)

    read_document(collection, document_id)
    update_document(collection, document_id)
    delete_document(collection, document_id)


if __name__ == "__main__":
    main()
Azure Cosmos DB
Azure Cosmos DB
An Azure NoSQL database service for app development.
Answer accepted by question author
  1. SSingh-MSFT 16,461 Reputation points Moderator
    2023-08-22T04:28:46.8333333+00:00

    Hi @PALMA MARTINEZ, YERAY (EXTERNAL) ,

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Solution adopted:

    If we work with a company network, for security reasons they have some ports closed. In such cases, some ports could be closed for security reasons and when opens the client was well configured.

    Your case port was 10255.

    Thanks for your support.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. PALMA MARTINEZ, YERAY (EXTERNAL) 25 Reputation points
    2023-08-21T14:20:13.1366667+00:00

    I have managed to solve the problem. If you work with a company network, for security reasons they have some ports closed. In my case, port 10255 was closed for security reasons and the client was well configured.

    Link that helped me

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.