Django uses the Python MySQLdb library to interface with MySQL. Looking at the MySQLdb connection documentation, it looks like the ssl option requires a dictionary argument. So this might work:

'OPTIONS': {'ssl': {'key': '/map/to/ca-cert.pem'}}

I was getting a "SSL connection error: SSL_CTX_set_default_verify_paths failed') "error when running python manage.py migrate

I used pip to install django-mysql-ssl package. It still wasn't working. I had to change "ca" to "ssl-ca" and now it works.

'OPTIONS':  {
                    'ssl': {'ssl-ca': '<PATH TO CA CERT>',

                            }
                      }

I'm not sure if it is actually using encryption, but it no longer throws an error. I am running local django app connected to an AWS mariaDB instance.

The mysql client must be provided with three keys:

CA cert client cert client key

See the Mysql documentation for the instructions for creating these keys and setting up the server: http://dev.mysql.com/doc/refman/5.5/en/creating-ssl-certs.html

NOTE: There is an open issue that seems to be related to using openssl v1.0.1 to create the certificates for mysql 5.5.x (http://bugs.mysql.com/bug.php?id=64870)

This is an example entry for the Django settings file:

DATABASES = {
'default': {
              'ENGINE': 'django.db.backends.mysql',  
              'NAME': '<DATABASE NAME>',                     
              'USER': '<USER NAME>',
              'PASSWORD': '<PASSWORD>',
              'HOST': '<HOST>', 
              'PORT': '3306'    
              'OPTIONS':  {
                        'ssl': {'ca': '<PATH TO CA CERT>',
                                'cert': '<PATH TO CLIENT CERT>',
                                'key': '<PATH TO CLIENT KEY>'
                                }
                          }
            }
}