See System Variables for a complete list of system variables and instructions on setting them.

See also the Full list of MariaDB options, system and status variables.

have_openssl

  • Description: Before MariaDB 10.0.1, have_openssl was an alias for have_ssl. Since MariaDB 10.0.1, comparing have_openssl with have_ssl will indicate whether YaSSL or openssl was used. If YaSSL, have_ssl will be ON, but have_openssl will be OFF.
  • Scope: Global
  • Dynamic: No

have_ssl

  • Description: If the server supports SSL connections, will be set to YES, otherwise will be set to NO. If set to DISABLED, the server was compiled with SSL support, but was not started with SSL support (see the mysqld options). See also have_openssl.
  • Scope: Global
  • Dynamic: No

ssl_ca

  • Description: Path to a PEM file containing list of trusted SSL certificate authorities. directory containing trusted SSL authority certificates, in PEM format. If this and ssl_ca are both unspecified, the client will not authenticate the server certificate. The server still verifies the client using any --ssl-ca and --ssl-capath values given to it at startup, or based on any requirements established from GRANT statements. Implies --ssl.
  • Commandline: --ssl-ca=file_name
  • Scope: Global
  • Dynamic: No
  • Data Type: file name

ssl_capath

  • Description: Path to the directory containing trusted SSL authority certificates, in PEM format. If this and ssl_ca are both unspecified, the client will not authenticate the server certificate. The server still verifies the client using any --ssl-capath and -ssl-ca values given to it at startup, or based on any requirements established from GRANT statements. MariaDB distributions built with OpenSSL support --ssl-capath, while those built with yaSSL do not normally, since yaSSL wants all components of the CA certificate to be contained within a single certificate tree, and each certificate in the file give a unique SubjectName value. To get around this, create a new file containing concatenated individual certificate files in the tree, and specify this new file as the --ssl-capath option. Implies --ssl.
  • Commandline: --ssl-capath=directory_name
  • Scope: Global
  • Dynamic: No
  • Data Type: directory name

ssl_cert

  • Description: Name of the SSL certificate file used to establish a secure SSL connection. Implies --ssl.
  • Commandline: --ssl-cert=name
  • Scope: Global
  • Dynamic: No
  • Data Type: file name
  • Default Value: None

ssl_cipher

  • Description: List of permitted ciphers to use for SSL encryption. Implies --ssl. MariaDB has supported the TLSv1.2 protocol since 10.0.15. Limit MariaDB to TLSv1.2 ciphers only with --ssl_cipher=TLSv1.2 and to SSLv3 ciphers with --ssl-cipher=SSLv3.
  • Commandline: --ssl-cipher=name
  • Scope: Global
  • Dynamic: No
  • Data Type: file name
  • Default Value: None

ssl_crl

  • Description: Path to certificate revocation lists file, in PEM format. These work for distributions compiled against OpenSSL, not yaSSL.
  • Commandline: --ssl-crl=name
  • Scope: Global
  • Dynamic: No
  • Data Type: file name
  • Default Value: None
  • Introduced: MariaDB 10.0.0 / MySQL 5.6.3

ssl_crlpath

  • Description: Path to directory containing certificate revocation lists files, in PEM format. These work for distributions compiled against OpenSSL, not yaSSL.
  • Commandline: --ssl-crlpath=name
  • Scope: Global
  • Dynamic: No
  • Data Type: directory name
  • Default Value: None
  • Introduced: MariaDB 10.0.0 / MySQL 5.6.3

ssl_key

  • Description: The SSL key file used to establish a secure SSL connection. Implies --ssl.
  • Commandline: --ssl-key=name
  • Scope: Global
  • Dynamic: No
  • Data Type: string
  • Default Value: None

version_ssl_library

  • Description: Version of the used SSL library.
  • Scope: Global
  • Dynamic: No
  • Data Type: string
  • Default Value: None
  • Introduced: MariaDB 10.1.3

Comments

Comments loading...