'require_secure_transport' is introduced since 10.4 Enterprise
When this option is enabled, connections attempted using insecure transport will be rejected. Secure transports are SSL/TLS, Unix sockets or named pipes.
However the error message emitted when connection s refused is not at all explanatory. If this variable is enabled and a client tries to connect without encryption, following error message will be seen:
It does not provide any useful information to suggest user to connect with encryption, neither does it mention the related parameter 'require_secure_transport'.
The equivalent message from MySQL for example contains more information:
It would be beneficial to change this error message in MariaDB to reflect that the variable is enabled and to suggest user to use encrypted connection.