I’m trying to connect mysql database with python mysql.connector module. I’m unable to establish the ssl connection as I’m getting the below error.

# python3
Python 3.6.8 (default, Jan  5 2024, 08:58:17)
[GCC 8.5.0 20210514 (Red Hat 8.5.0-20)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import mysql.connector
>>> connection = mysql.connector.connect(host='localhost', user='testuser', password='xxxxxxxx', database='testdb')
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/network.py", line 421, in switch_to_ssl
    self.sock.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 1070, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 648, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:897)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/__init__.py", line 179, in connect
    return MySQLConnection(*args, **kwargs)
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/connection.py", line 95, in __init__
    self.connect(**kwargs)
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/abstracts.py", line 728, in connect
    self._open_connection()
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/connection.py", line 239, in _open_connection
    self._ssl)
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/connection.py", line 150, in _do_auth
    ssl_options.get('cipher'))
  File "/usr/local/lib/python3.6/site-packages/mysql/connector/network.py", line 427, in switch_to_ssl
    errno=2055, values=(self.get_address(), _strioerror(err)))
mysql.connector.errors.InterfaceError: 2055: Lost connection to MySQL server at 'localhost:3306', system error: 1 [SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:897)
>>>

However, with ssl_disabled=True I’m able to connect to the database. I want to use ssl based communication between my python script and mysql server. I’ve configured the certificates in mysql and certs are present in respective directory as well. please find mysql configuration below.

cat client.cnf
#
# These two groups are read by the client library
# Use it for options that affect all clients, but not the server
#


[client]
    ssl-mode=REQUIRED
    ssl-cert=/var/lib/mysql/client-cert.pem
    ssl-key=/var/lib/mysql/client-key.pem
cat mysql-server.cnf
#
# This group are read by MySQL server.
# Use it for options that only the server (but not clients) should see
#
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/en/server-configuration-defaults.html

# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mysqld according to the
# instructions in http://fedoraproject.org/wiki/Systemd

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysql/mysqld.log
pid-file=/run/mysqld/mysqld.pid
ssl-ca=/var/lib/mysql/ca.pem
ssl-cert=/var/lib/mysql/server-cert.pem
ssl-key=/var/lib/mysql/server-key.pem

Not sure if I’m doing things the right way. need someone point me to the right direction.
Thanks