mongodbflaskflask-pymongo

flask_pymongo : PyMongo vs MongoClient : [SSL: CERTIFICATE_VERIFY_FAILED]

I have a huge flask application and I use the PyMongo class from flask_pymongo for MongoDB operations. My issue is in development environment.

I have a MONGO_URI in my config.py like this:

MONGO_URI = "mongodb+srv://username:password@cluster-name.pihvl.gcp.mongodb.net/db_name?retryWrites=true&w=majority"

Usage in my app looks like this:

# This is how I have initialized it in '__init__.py'
from flask_pymongo import PyMongo
mongo = PyMongo(app)

# This is how I access collections in the specified DB
document = mongo.db[collection_name].find() # Throws the below error

This worked fine until a couple days ago when I reinstalled Windows and also Python from scratch. Now the same code throws the following error:

pymongo.errors.ServerSelectionTimeoutError: cluster-name-shard-00-01.pihvl.gcp.mongodb.net:27017: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate

But using MongoClient instead of PyMongo works just fine, like this:

# Using MongoClient and setting 'ssl_cer_reqs'
from flask_pymongo import MongoClient
import ssl
mongo = MongoClient(app.config['MONGO_URI'], ssl_cert_reqs=ssl.CERT_NONE)

# This works just fine
document = mongo[db_name][collection_name].find()

Questions

What changed with PyMongo when I reinstalled everything? I don't want to use MongoClient simply for the fact that there are over 100 endpoints and it is a nightmare to shift now, and also I prefer PyMongo because I don't have to specify the db_name in every query, it gets that from the MONGO_URI.

What am I missing and how do I make it work with PyMongo? Is there a way to set the ssl_cert_reqs while using PyMongo?

Solution

  • IMPORTANT: Do this only if you're facing this issue in development environment

    All I had to do was add &ssl=true&ssl_cert_reqs=CERT_NONE to my MONGO_URI in my Development Configuration so now my uri would change from:

    mongodb+srv://username:password@cluster-name.pihvl.gcp.mongodb.net/db_name?retryWrites=true&w=majority

    to:

    mongodb+srv://username:password@cluster-name.pihvl.gcp.mongodb.net/db_name?retryWrites=true&w=majority&ssl=true&ssl_cert_reqs=CERT_NONE