MySQL supports multiple TLS protocols and ciphers, and enables configuring which ciphers to permit for encrypted connections. It is also possible to determine which protocol and cipher the current session uses.
MySQL supports encrypted connections using the TLSv1 protocol and (as of MySQL 5.6.46) TLSv1.1 and TLSv1.2, listed in order from less secure to more secure.
As of MySQL 5.6.23, SSL 2.0 and SSL 3.0 are explicitly disabled because they provide weak encryption.
The set of protocols actually permitted for connections is subject to multiple factors:
MySQL configuration. Permitted TLS protocols on the server side and client side must include at least one protocol in common or connection attempts cannot negotiate a protocol to use. For details, see Connection TLS Protocol Negotiation.
System-wide host configuration. The host system may permit only certain TLS protocols, which means that MySQL connections cannot use nonpermitted protocols even if MySQL itself permits them:
Suppose that MySQL permits TLSv1, TLSv1.1, and TLSv1.2, but your host system configuration permits only connections that use TLSv1.2 or higher. In this case, you cannot establish MySQL connections that use TLSv1 or TLSv1.1, even though MySQL permits them, because the host system does not permit them.
If MySQL permits TLSv1, TLSv1.1, and TLSv1.2, but your host system configuration permits only connections that use TLSv1.3 or higher, you cannot establish MySQL connections at all, because no protocol permitted by MySQL is permitted by the host system.
Workarounds for this issue include:
Change the system-wide host configuration to permit additional TLS protocols. Consult your operating system documentation for instructions. For example, your system may have an
/etc/ssl/openssl.cnffile that contains these lines to restrict TLS protocols to TLSv1.2 or higher:
[system_default_sect] MinProtocol = TLSv1.2
Changing the value to a lower protocol version or
Nonemakes the system more permissive. This workaround has the disadvantage that permitting lower (less secure) protocols may have adverse security consequences.
If you cannot or prefer not to change the host system TLS configuration, change MySQL applications to use higher (more secure) TLS protocols that are permitted by the host system. This may not be possible for older versions of MySQL that support only lower protocol versions. For example, TLSv1 is the only supported protocol prior to MySQL 5.6.46, so attempts to connect to a pre-5.6.46 server fail even if the client is from a newer MySQL version that supports higher protocol versions. In such cases, an upgrade to a version of MySQL that supports additional TLS versions may be required.
The SSL library. If the SSL library does not support a particular protocol, neither does MySQL, and any parts of the following discussion that specify that protocol do not apply.
When compiled using OpenSSL 1.0.1 or higher, MySQL supports the TLSv1, TLSv1.1, and TLSv1.2 protocols as of MySQL 5.6.46, and TLS1v1 prior to 5.6.46.
When compiled using yaSSL, MySQL supports the TLSv1 protocol.
It is possible to compile MySQL using yaSSL as an alternative to OpenSSL only prior to MySQL 5.6.46. As of MySQL 5.6.46, support for yaSSL is removed and all MySQL builds use OpenSSL.
MySQL supports encrypted connections using the TLSv1 protocol and (as of MySQL 5.6.46) TLSv1.1 and TLSv1.2. Protocol support is built in and cannot be configured as is possible in MySQL 5.7 and higher. The protocol chosen for a given connection depends on the negotiation process. See Connection TLS Protocol Negotiation.
A default set of ciphers applies to encrypted connections, which can be overridden by explicitly configuring the permitted ciphers. During connection establishment, both sides of a connection must permit some cipher in common or the connection fails. Of the permitted ciphers common to both sides, the SSL library chooses the one supported by the provided certificate that has the highest priority.
For master/slave replication, the
MASTER_SSL_CIPHER option for the
CHANGE MASTER TO statement
specifies which ciphers a slave server permits for connections
to the master.
To determine which ciphers a given server supports, check the
session value of the
SHOW SESSION STATUS LIKE 'Ssl_cipher_list';
variable lists the possible SSL ciphers (empty for non-SSL
connections). The set of available ciphers depends on your MySQL
version and whether MySQL was compiled using OpenSSL or yaSSL,
and (for OpenSSL) the library version used to compile MySQL.
MySQL passes a default cipher list to the SSL library.
MySQL passes this default cipher list to OpenSSL:
AES256-GCM-SHA384 AES256-SHA AES256-SHA256 CAMELLIA256-SHA DES-CBC3-SHA DHE-DSS-AES256-GCM-SHA384 DHE-DSS-AES256-SHA DHE-DSS-AES256-SHA256 DHE-DSS-CAMELLIA256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA DHE-RSA-AES256-SHA256 DHE-RSA-CAMELLIA256-SHA ECDH-ECDSA-AES256-GCM-SHA384 ECDH-ECDSA-AES256-SHA ECDH-ECDSA-AES256-SHA384 ECDH-ECDSA-DES-CBC3-SHA ECDH-RSA-AES256-GCM-SHA384 ECDH-RSA-AES256-SHA ECDH-RSA-AES256-SHA384 ECDH-RSA-DES-CBC3-SHA ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-DES-CBC3-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES256-SHA384 ECDHE-RSA-DES-CBC3-SHA EDH-DSS-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA PSK-3DES-EDE-CBC-SHA PSK-AES256-CBC-SHA SRP-DSS-3DES-EDE-CBC-SHA SRP-DSS-AES-128-CBC-SHA SRP-DSS-AES-256-CBC-SHA SRP-RSA-3DES-EDE-CBC-SHA SRP-RSA-AES-128-CBC-S SRP-RSA-AES-256-CBC-SHA
MySQL passes this default cipher list to yaSSL:
AES128-RMD AES128-SHA AES256-RMD AES256-SHA DES-CBC-SHA DES-CBC3-RMD DES-CBC3-SHA DHE-RSA-AES128-RMD DHE-RSA-AES128-SHA DHE-RSA-AES256-RMD DHE-RSA-AES256-SHA DHE-RSA-DES-CBC3-RMD EDH-RSA-DES-CBC-SHA EDH-RSA-DES-CBC3-SHA RC4-MD5 RC4-SHA
Connection attempts in MySQL negotiate use of the highest TLS protocol version available on both sides for which a protocol-compatible encryption cipher is available on both sides. The negotiation process depends on factors such as the SSL library used to compile the server and client, the TLS protocol and encryption cipher configuration, and which key size is used:
For a connection attempt to succeed, the server and client TLS protocol configuration must permit some protocol in common.
Similarly, the server and client encryption cipher configuration must permit some cipher in common. A given cipher may work only with particular TLS protocols, so a protocol available to the negotiation process is not chosen unless there is also a compatible cipher.
If the server and client are compiled using OpenSSL, TLSv1.2 is used if possible. If either or both the server and client are compiled using yaSSL, only TLSv1 is possible. (“Possible” means that server and client configuration both must permit the indicated protocol, and both must also permit some protocol-compatible encryption cipher.) Otherwise, MySQL continues through the list of available protocols, proceeding from more secure protocols to less secure.
TLSv1.2 does not work with all ciphers that have a key size of 512 bits or less. To use this protocol with such a key, set the
ssl_ciphersystem variable on the server side or use the
--ssl-cipherclient option to specify the cipher name explicitly:
AES128-SHA AES128-SHA256 AES256-SHA AES256-SHA256 CAMELLIA128-SHA CAMELLIA256-SHA DES-CBC3-SHA DHE-RSA-AES256-SHA RC4-MD5 RC4-SHA SEED-SHA
For better security, use a certificate with an RSA key size of at least 2048 bits.
If the server and client do not have a permitted protocol in common, and a protocol-compatible cipher in common, the server terminates the connection request. Examples:
If the server is from MySQL 5.7 or higher and is configured with
Connection attempts fail for pre-MySQL 5.6.46 clients that support only TLSv1.
Similarly, connection attempts fail for pre-MySQL 5.6.46 replication slaves that support only TLSv1.
If the server is a pre-MySQL 5.6.46 server that supports only TLSv1:
Connection attempts fail for MySQL 5.7 or higher clients invoked with
Similarly, connection attempts fail for MySQL 5.7 or higher replication slaves configured with
MASTER_TLS_VERSION = 'TLSv1.1,TLSv1.2'.
mysql> SHOW SESSION STATUS LIKE 'Ssl_version'; +---------------+-------+ | Variable_name | Value | +---------------+-------+ | Ssl_version | TLSv1 | +---------------+-------+ mysql> SHOW SESSION STATUS LIKE 'Ssl_cipher'; +---------------+--------------------+ | Variable_name | Value | +---------------+--------------------+ | Ssl_cipher | DHE-RSA-AES256-SHA | +---------------+--------------------+
If the connection is not encrypted, both variables have an empty value.