To use SSL connections between the MySQL server and client programs, your system must support either OpenSSL or yaSSL:
MySQL Enterprise Edition binary distributions are compiled using yaSSL.
MySQL Community Edition binary distributions are compiled using yaSSL.
MySQL Community Edition source distributions can be compiled using either OpenSSL or yaSSL.
If you compile MySQL from a source distribution, CMake configures the distribution to use yaSSL by default. To compile using OpenSSL instead, use this procedure:
Ensure OpenSSL 1.0.1 or higher is installed on your system. To obtain OpenSSL, visit http://www.openssl.org.
To use OpenSSL, add the
-DWITH_SSL=system option to the
CMake command you normally use to configure
the MySQL source distribution. For example:
shell> cmake . -DWITH_SSL=system
That command configures the distribution to use the installed OpenSSL library. See Section 2.9.4, “MySQL Source-Configuration Options”.
Compile and install the distribution.
To check whether a mysqld server supports
secure connections, examine the value of the
have_ssl system variable:
mysql> SHOW VARIABLES LIKE 'have_ssl';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| have_ssl | YES |
+---------------+-------+
If the value is YES, the server supports secure
connections. If the value is DISABLED, the
server is capable of supporting secure connections but was not
started with the appropriate
--ssl- options to
enable secure connections to be used; see
Section 6.4.4, “Configuring MySQL to Use Secure Connections”.
xxx