Dovecot with MySQL over SSL.

[Reio Remma]

Hello!

I'm attempting to get Dovecot working with MySQL user database on 
another machine. I can connect to the MySQL (5.7.26) instance with SSL 
enabled:

  mysql -h db.mrst.ee --ssl-ca=/etc/dovecot/ca.pem 
--ssl-cert=/etc/dovecot/client-cert.pem 
--ssl-key=/etc/dovecot/client-key.pem --ssl-cipher=DHE-RSA-AES256-SHA -u 
vmail -p

However if I use the same values in dovecot-sql.conf.ext, I get the 
following error:

Jul 19 00:20:18 turin dovecot: master: Dovecot v2.3.7 (494d20bdc) 
starting up for imap, lmtp, sieve (core dumps disabled)
Jul 19 00:20:18 turin dovecot: auth-worker(82996): Error: 
mysql(db.mrst.ee): Connect failed to database (vmail): SSL connection 
error: protocol version mismatch - waiting for 1 seconds before retry
Jul 19 00:20:18 turin dovecot: auth-worker(82996): Error: 
mysql(db.mrst.ee): Connect failed to database (vmail): SSL connection 
error: protocol version mismatch - waiting for 1 seconds before retry
Jul 19 00:20:19 turin dovecot: auth-worker(82996): Error: 
mysql(db.mrst.ee): Connect failed to database (vmail): Connections using 
insecure transport are prohibited while --require_secure_transport=ON. - 
waiting for 5 seconds before retry
Jul 19 00:20:19 turin dovecot: auth-worker(82996): Error: 
mysql(db.mrst.ee): Connect failed to database (vmail): Connections using 
insecure transport are prohibited while --require_secure_transport=ON. - 
waiting for 5 seconds before retry

Database connection string:

connect = host=db.mrst.ee dbname=vmail user=vmail password=stuff \
     ssl_ca=/etc/dovecot/ca.pem \
     ssl_cert=/etc/dovecot/client-cert.pem \
     ssl_key=/etc/dovecot/client-key.pem \
     ssl_cipher=DHE-RSA-AES256-SHA

If I leave the ssl_cipher unset, I get:

Jul 19 00:23:41 turin dovecot: auth-worker(83069): Error: 
mysql(db.mrst.ee): Connect failed to database (vmail): SSL connection 
error: Failed to set ciphers to use - waiting for 1 seconds before retry

Any ideas?

Thanks!
Reio