MariaDB SkySQL features data-in-transit encryption by default.
TLS 1.2 and TLS 1.3 are supported.
SSL/TLS certificates and encryption settings are not customer-configurable.
Users have the option of disabling data-in-transit encryption when launching services on AWS. Disabling SSL/TLS may severely impact the confidentiality of your data. MariaDB strongly recommends encrypting connections to SkySQL services when not connecting over a private link or VPC peered network.
For additional information on connecting with TLS, see "Clients and Connectors".