I executed a mariadb server with TLS, everything worked fine, and the 'require_secure_transport' was ON.
Then, i tried to access it via client, and i could access it with the --ssl option, but without giving any CA or any other certificate related option. This makes me think that the server do connected via TLS(i could see the ssl cypher with the "status" command), but do not authenticated the server certificate, and i dont think we can call that secure by any way. I only got an error while trying to login with tls without the certs after changing the user requirement.
So there is no way to ensure that the connection is really secure besides changing the user requirement.
The conf file used to create the server is attached. I don't think it should matter, but i was using the root user.