mysql cli was known for "ignoring" --ssl option on its own. If someone needed to enable SSL on client side they had to specify any other ssl option, e. g. --ssl-cipher=AES128-SHA. This was fixed in MariaDB, I guess by mysql_ssl_set() setting use_ssl = TRUE unconditionally. Thus we now can use mysql --ssl with MariaDB (and maybe with latest MySQL).
Recently I discovered another difference in behavior of MariaDB's and MySQL's libmysqlclient:
If I don't call mysql_ssl_set(), but have SSL options in the configuration file, SSL gets enabled with MySQL's, but does not with MariaDB's. It feels like use_ssl = TRUE should be executed in one more place.
E. i. let's have this file:
I'd expect SSL enabled if any SSL option is set.