Documentation Home
MySQL 5.5 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 26.9Mb
PDF (A4) - 26.9Mb
PDF (RPM) - 25.3Mb
HTML Download (TGZ) - 6.3Mb
HTML Download (Zip) - 6.4Mb
HTML Download (RPM) - 5.4Mb
Man Pages (TGZ) - 159.2Kb
Man Pages (Zip) - 262.9Kb
Info (Gzip) - 2.6Mb
Info (Zip) - 2.6Mb
Excerpts from this Manual

MySQL 5.5 Reference Manual  /  ...  /  Configuring SSL Library Support

2.9.6 Configuring SSL Library Support

An SSL library is required for support of encrypted connections, entropy for random number generation, and other encryption-related operations. Your system must support either OpenSSL or yaSSL:

  • MySQL Enterprise Edition binary distributions are compiled using yaSSL.

  • MySQL Community Edition binary distributions are compiled using yaSSL.

  • MySQL Community Edition source distributions can be compiled using either OpenSSL or yaSSL.

If you compile MySQL from a source distribution, CMake configures the distribution to use yaSSL by default. To compile using OpenSSL instead, use this procedure:

  1. Ensure that OpenSSL 1.0.1 or higher is installed on your system. If it is necessary to obtain OpenSSL, visit http://www.openssl.org.

  2. The WITH_SSL CMake option determines which SSL library to use for compiling MySQL (see Section 2.9.7, “MySQL Source-Configuration Options”). The default is -DWITH_SSL=bundled, which uses yaSSL. To use OpenSSL, add the -DWITH_SSL=system option to the CMake command you normally use to configure the MySQL source distribution. For example:

    cmake . -DWITH_SSL=system

    That command configures the distribution to use the installed OpenSSL library.

  3. Compile and install the distribution.

To check whether a mysqld server supports encrypted connections, examine the value of the have_ssl system variable:

mysql> SHOW VARIABLES LIKE 'have_ssl';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_ssl      | YES   |
+---------------+-------+

If the value is YES, the server supports encrypted connections. If the value is DISABLED, the server is capable of supporting encrypted connections but was not started with the appropriate --ssl-xxx options to enable encrypted connections to be used; see Section 6.3.1, “Configuring MySQL to Use Encrypted Connections”.