An SSL library is required for support of encrypted connections, entropy for random number generation, and other encryption-related operations. Your system must support either OpenSSL or yaSSL:
MySQL Enterprise Edition binary distributions are compiled using yaSSL.
MySQL Community Edition binary distributions are compiled using yaSSL.
MySQL Community Edition source distributions can be compiled using either OpenSSL or yaSSL.
If you compile MySQL from a source distribution, CMake configures the distribution to use yaSSL by default. To compile using OpenSSL instead, use this procedure:
Ensure that OpenSSL 1.0.1 or higher is installed on your system. If it is necessary to obtain OpenSSL, visit http://www.openssl.org.
WITH_SSLCMake option determines which SSL library to use for compiling MySQL (see Section 4.7, “MySQL Source-Configuration Options”). The default is
-DWITH_SSL=bundled, which uses yaSSL. To use OpenSSL, add the
-DWITH_SSL=systemoption to the CMake command you normally use to configure the MySQL source distribution. For example:
cmake . -DWITH_SSL=system
That command configures the distribution to use the installed OpenSSL library.
Compile and install the distribution.
To check whether a mysqld server supports
encrypted connections, examine the value of the
have_ssl system variable:
mysql> SHOW VARIABLES LIKE 'have_ssl'; +---------------+-------+ | Variable_name | Value | +---------------+-------+ | have_ssl | YES | +---------------+-------+
If the value is
YES, the server supports
encrypted connections. If the value is
DISABLED, the server is capable of supporting
encrypted connections but was not started with the appropriate
--ssl- options to
enable encrypted connections to be used; see
Configuring MySQL to Use Encrypted Connections.