Documentation Home
MySQL 8.0 Reference Manual
Related Documentation
MySQL 8.0 Release Notes
MySQL 8.0 Source Code Documentation
Download this Manual
PDF (US Ltr) - 43.3Mb
PDF (A4) - 43.4Mb
Man Pages (TGZ) - 297.1Kb
Man Pages (Zip) - 402.4Kb
Info (Gzip) - 4.3Mb
Info (Zip) - 4.3Mb
Excerpts from this Manual
MySQL Backup and Recovery
MySQL Globalization
MySQL Information Schema
MySQL Installation Guide
Security in MySQL
Starting and Stopping MySQL
MySQL and Linux/Unix
MySQL and Windows
MySQL and macOS
MySQL and Solaris
Building MySQL from Source
MySQL Restrictions and Limitations
MySQL Partitioning
MySQL Tutorial
MySQL Performance Schema
MySQL Replication
Using the MySQL Yum Repository
MySQL NDB Cluster 8.0
MySQL 8.0 Reference Manual  /  ...  /  Configuring SSL Library Support

2.8.6 Configuring SSL Library Support

An SSL library is required for support of encrypted connections, entropy for random number generation, and other encryption-related operations.

If you compile MySQL from a source distribution, CMake configures the distribution to use the installed OpenSSL library by default.

To compile using OpenSSL, use this procedure:

  1. Ensure that OpenSSL 1.0.1 or newer is installed on your system. If the installed OpenSSL version is older than 1.0.1, CMake produces an error at MySQL configuration time. If it is necessary to obtain OpenSSL, visit http://www.openssl.org.

  2. The WITH_SSL CMake option determines which SSL library to use for compiling MySQL (see Section 2.8.7, “MySQL Source-Configuration Options”). The default is -DWITH_SSL=system, which uses OpenSSL. To make this explicit, specify that option. For example: 

    cmake . -DWITH_SSL=system

    That command configures the distribution to use the installed OpenSSL library. Alternatively, to explicitly specify the path name to the OpenSSL installation, use the following syntax. This can be useful if you have multiple versions of OpenSSL installed, to prevent CMake from choosing the wrong one: 

    cmake . -DWITH_SSL=path_name

    Alternative OpenSSL system packages are supported as of MySQL 8.0.30 by using WITH_SSL=openssl11 on EL7 or WITH_SSL=openssl3 on EL8. Authentication plugins, such as LDAP and Kerberos, are disabled since they do not support these alternative versions of OpenSSL.

  3. Compile and install the distribution.

To check whether a mysqld server supports encrypted connections, examine the value of the have_ssl system variable: 

mysql> SHOW VARIABLES LIKE 'have_ssl';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_ssl      | YES   |
+---------------+-------+

If the value is YES, the server supports encrypted connections. If the value is DISABLED, the server is capable of supporting encrypted connections but was not started with the appropriate --ssl-xxx options to enable encrypted connections to be used; see Section 8.3.1, “Configuring MySQL to Use Encrypted Connections”.


PREV   HOME   UP   NEXT
Related Documentation
MySQL 8.0 Release Notes
MySQL 8.0 Source Code Documentation
Download this Manual
PDF (US Ltr) - 43.3Mb
PDF (A4) - 43.4Mb
Man Pages (TGZ) - 297.1Kb
Man Pages (Zip) - 402.4Kb
Info (Gzip) - 4.3Mb
Info (Zip) - 4.3Mb
Excerpts from this Manual
MySQL Backup and Recovery
MySQL Globalization
MySQL Information Schema
MySQL Installation Guide
Security in MySQL
Starting and Stopping MySQL
MySQL and Linux/Unix
MySQL and Windows
MySQL and macOS
MySQL and Solaris
Building MySQL from Source
MySQL Restrictions and Limitations
MySQL Partitioning
MySQL Tutorial
MySQL Performance Schema
MySQL Replication
Using the MySQL Yum Repository
MySQL NDB Cluster 8.0