Correction to the previous email: The server builds (apparently statically) with WolfSSL while the client uses GnuTLS (dynamically):
# mariadb -Bse 'SHOW VARIABLES' | grep -e version_ssl_library version_ssl_library WolfSSL 4.4.0 # ldd $(which mariadbd) | grep -e crypt -e tls -e ssl libcrypt.so.1 => /usr/lib/x86_64-linux-gnu/libcrypt.so.1 (0x00007fc6c7d92000) libgcrypt.so.20 => /usr/lib/x86_64-linux-gnu/libgcrypt.so.20 (0x00007fc6c755200 # ldd $(which mariadb) | grep -e crypt -e tls -e ssl libgnutls.so.30 => /usr/lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007f11defad000) Ref: - https://mariadb.com/kb/en/ssltls-system-variables/#version_ssl_library - https://mariadb.com/kb/en/tls-and-cryptography-libraries-used-by-mariadb/ - https://mariadb.com/kb/en/secure-connections-overview/