# Kill the server
# restart: --ssl-key=MYSQLTEST_VARDIR/tmp/ssl_key.pem --ssl-cert=MYSQLTEST_VARDIR/tmp/ssl_cert.pem
connect  ssl_con,localhost,root,,,,,SSL;
SELECT VARIABLE_VALUE INTO @ssl_not_after FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_server_not_after';
# Use a different certificate ("Not after" certificate field changed)
FLUSH SSL;
# Check new certificate used by new connection
Result
OK
# Check that existing SSL connection still works, and uses old certificate, even if new one is loaded in FLUSH SSL
connection ssl_con;
SELECT IF(VARIABLE_VALUE=@ssl_not_after,'OK','FAIL') as Result FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_server_not_after';
Result
OK
disconnect ssl_con;
connection default;
SELECT VARIABLE_NAME NAME, VARIABLE_VALUE VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME in ('Ssl_accepts', 'Ssl_finished_accepts');
NAME	VALUE
SSL_ACCEPTS	1
SSL_FINISHED_ACCEPTS	1
FLUSH SSL;
SELECT VARIABLE_NAME NAME, VARIABLE_VALUE VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME in ('Ssl_accepts', 'Ssl_finished_accepts');
NAME	VALUE
SSL_ACCEPTS	0
SSL_FINISHED_ACCEPTS	0
# Cleanup
# Kill the server
# restart