To use SSL connections between the MySQL server and client programs, your system must support either OpenSSL or yaSSL. As of MySQL 5.6.6, SSL support is included by default.
MySQL Community Edition is bundled with yaSSL, but can be configured to use OpenSSL when built from source distribution. MySQL Enterprise Edition is bundled with OpenSSL. It is not possible to use yaSSL with MySQL Enterprise Edition.
To build MySQL Server with openSSL support, you must do the following:
Ensure openSSL 1.0.1, or higher, is installed on your system. To obtain OpenSSL, visit http://www.openssl.org.
Configure the MySQL source distribution to use openSSL by invoking CMake in the following way:
cmake . -DWITH_SSL=system
That command configures the distribution to use the
installed OpenSSL library. See
MySQL Source-Configuration Options. If you do
-DWITH_SSL, yaSSL is used by
If the installed OpenSSL version is lower than 1.0.1, CMake produces an error.
Compile and install the distribution.
To check whether a mysqld server supports
SSL, examine the value of the
have_ssl system variable:
SHOW VARIABLES LIKE 'have_ssl';+---------------+-------+ | Variable_name | Value | +---------------+-------+ | have_ssl | YES | +---------------+-------+
If the value is
YES, the server supports SSL
connections. If the value is
server is capable of supporting SSL connections but was not
started with the appropriate
--ssl- options to
enable them to be used; see
Section 5.10.3, “Using SSL Connections”.