Description
Describe the Bug
The module configures mysql (/etc/my.cnf) with the ssl keyword both when enabled or disabled. The problem is that mysqld refuses to initialize the data directory or to start the daemon as the ssl keyword is present. The --ssl option was deprecated and is now removed in MySQL 8.4.
When enabled, it causes the error:
025-06-20T13:48:02.989053Z 0 [ERROR] [MY-000068] [Server] unknown option '--ssl'.
2025-06-20T13:48:02.989572Z 0 [ERROR] [MY-013455] [Server] The newly created data directory /data/mysql/ by --initialize is unusable. You can remove it.
2025-06-20T13:48:02.989596Z 0 [ERROR] [MY-010119] [Server] Aborting
When disabled:
2025-06-20T14:54:03.345506Z 0 [ERROR] [MY-000067] [Server] unknown variable 'ssl=false'.
2025-06-20T14:54:03.346046Z 0 [ERROR] [MY-013455] [Server] The newly created data directory /data/mysql/ by --initialize is unusable. You can remove it.
2025-06-20T14:54:03.346099Z 0 [ERROR] [MY-010119] [Server] Aborting
Expected Behavior
The data directory is correctly initialized and the mysqld daemon is able to serve.
Steps to Reproduce
Initialize a new mysql server with or without SSL.
Environment
- MySQL 8.4
- RHEL 9.4
- Puppet 7.23.0
Additional Context
Mariadb 11.4 does not suffer this problem.
Link to release notes which relates the removal: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-0.html
The --ssl, --skip-ssl, and --admin-ssl server options, as well as the have_ssl and have_openssl server system variables, were all deprecated in MySQL 8.0.26, and are all removed in this release. Use --tls-version and --admin-tls-version instead.