How to connect MySQL from PDO under SSL

Posted 2019-06-27 12:11

I have configured MySQL SSL in ubuntu server.

show variables like "%ssl%";
+---------------+----------------------------+
| Variable_name | Value                      |
+---------------+----------------------------+
| have_openssl  | YES                        |
| have_ssl      | YES                        |
| ssl_ca        | /etc/mysql/ca-cert.pem     |
| ssl_capath    |                            |
| ssl_cert      | /etc/mysql/server-cert.pem |
| ssl_cipher    |                            |
| ssl_key       | /etc/mysql/server-key.pem  |
+---------------+----------------------------+

Current PDO connection in PHP script is something like this:

try {
    $this->_conn = $this->dbh = new PDO('mysql:host=' . DB_SERVER . ';dbname='. DB_NAME, DB_USER, DB_PASS);
    $this->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    die("Couldn't connect to database. Please try again!");
}

I tried adding this array to the connection, but it's not working.

array(PDO::MYSQL_ATTR_SSL_KEY  => '/etc/mysql/client-key.pem',
      PDO::MYSQL_ATTR_SSL_CERT => '/etc/mysql/client-cert.pem',
      PDO::MYSQL_ATTR_SSL_CA   => '/etc/mysql/ca-cert.pem'
     );

Now, the question is: How can I connect to the MySQL database over a secure connection (SSL)? What changes do I need to make in order to make it secure?

I have generated client and server certificate by this:

openssl genrsa -out ca-key.pem 2048;
openssl req -new -x509 -nodes -days 1000 -key ca-key.pem -out ca-cert.pem;
openssl req -newkey rsa:2048 -days 1000 -nodes -keyout server-key.pem -out server-req.pem;
openssl x509 -req -in server-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem;
openssl req -newkey rsa:2048 -days 1000 -nodes -keyout client-key.pem -out client-req.pem;
openssl x509 -req -in client-req.pem -days 1000 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 -out client-cert.pem;

ERROR MESSAGE

SQLSTATE[HY000] [2026] SSL connection error: Unable to get private key

Tags: php mysql ssl pdo
0 answers
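
An added example, not part of the original question: one way to pass the client certificate options to PDO, with a preflight check of what error 2026 "Unable to get private key" points at, namely whether the PHP process can read and parse the client key. The function names checkClientTlsFiles and connectOverTls are hypothetical; the DB_* constants and file paths are the ones from the question.

```php
<?php
// Added example, not the asker's code. Assumes DB_SERVER, DB_NAME, DB_USER and
// DB_PASS are defined as in the question.

// Return a list of problems with the client TLS files; empty if none were found.
function checkClientTlsFiles(string $key, string $cert, string $ca): array
{
    $problems = [];
    foreach (['key' => $key, 'cert' => $cert, 'ca' => $ca] as $label => $path) {
        // The check runs as the user PHP runs as (web server or CLI user),
        // which may not have read access to files under /etc/mysql.
        if (!is_readable($path)) {
            $problems[] = "$label file not readable by the PHP process: $path";
        }
    }
    if ($problems) {
        return $problems;
    }
    $pkey = openssl_pkey_get_private('file://' . $key);
    if ($pkey === false) {
        $problems[] = "private key could not be parsed (not PEM, or encrypted?): $key";
    } elseif (!openssl_x509_check_private_key('file://' . $cert, $pkey)) {
        $problems[] = 'client certificate does not match the private key';
    }
    return $problems;
}

function connectOverTls(string $key, string $cert, string $ca): PDO
{
    $problems = checkClientTlsFiles($key, $cert, $ca);
    if ($problems) {
        throw new RuntimeException(implode('; ', $problems));
    }
    // The TLS settings are connection-time options: pass them as the 4th
    // constructor argument, not through setAttribute() afterwards.
    $pdo = new PDO('mysql:host=' . DB_SERVER . ';dbname=' . DB_NAME, DB_USER, DB_PASS, [
        PDO::MYSQL_ATTR_SSL_KEY  => $key,
        PDO::MYSQL_ATTR_SSL_CERT => $cert,
        PDO::MYSQL_ATTR_SSL_CA   => $ca,
        PDO::ATTR_ERRMODE        => PDO::ERRMODE_EXCEPTION,
    ]);
    // Confirm the session is encrypted: Ssl_cipher is empty on a plaintext session.
    $row = $pdo->query("SHOW SESSION STATUS LIKE 'Ssl_cipher'")->fetch(PDO::FETCH_ASSOC);
    if (empty($row['Value'])) {
        throw new RuntimeException('Connected, but the session is not using TLS');
    }
    return $pdo;
}
// Usage: $dbh = connectOverTls('/etc/mysql/client-key.pem',
//                              '/etc/mysql/client-cert.pem', '/etc/mysql/ca-cert.pem');
```

A key that PHP's OpenSSL extension parses can still be rejected by the TLS library the MySQL client was built against, so a clean preflight narrows the cause rather than ruling the key out.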