MySQL – MariaDB always shows SSL not in use when I start mysqld with --ssl

mariadb, MySQL, ssl

  • CentOS 7.2.1511
  • Linux 3.10.0-123.9.3.el7.x86_64
  • MariaDB: 10.1.11

/etc/my.cnf

#
# This group is read both by the client and the server
# use it for options that affect everything
#
[client-server]

#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

[mysqld]
ssl
ssl-ca       = /root/ca.pem
ssl-cert     = /root/server-cert.pem
ssl-key      = /root/server-key.pem 
bind-address = 0.0.0.0
port         = 3306
max_allowed_packet = 16M


[mysqldump]
max_allowed_packet = 16M

I started MariaDB with the command:

systemctl start mysql

Then I logged in to mysql as root and typed status, which shows SSL: Not in use. Then I typed

show variables like '%ssl%';

And I get a table:

+---------------------+---------------------------------+
| Variable_name       | Value                           |
+---------------------+---------------------------------+
| have_openssl        | YES                             |
| have_ssl            | DISABLED                        |
| ssl_ca              | /root/ca.pem                    |
| ssl_capath          |                                 |
| ssl_cert            | /root/server-cert.pem           |
| ssl_cipher          |                                 |
| ssl_crl             |                                 |
| ssl_crlpath         |                                 |
| ssl_key             | /root/server-key.pem            |
| version_ssl_library | OpenSSL 1.0.1e-fips 11 Feb 2013 |
+---------------------+---------------------------------+

Finally, I even tried to log in with SSL, and it failed, obviously.

UPDATE

Here are some warning messages in the error log file:

[Warning] Failed to setup SSL
[Warning] SSL error: SSL_CTX_set_default_verify_paths failed
[Warning] SSL error: error:0200100D:system library:fopen:Permission denied
[Warning] SSL error: error:2006D002:BIO_new_file:system lib
[warning] SSL error: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib

Best Answer

MariaDB is not allowed to access files in root's home directory /root. Thus, the CA, certificate and private key files are unreadable.

The standard locations for these files on RHEL are in directories under /etc/pki: /etc/pki/CA, /etc/pki/tls/certs and /etc/pki/tls/private. If you copy them here, and set the proper ownership and permissions so that MariaDB can read them, you will find that it works. Alternately, you can place the certificates and private key file in a subdirectory of /etc/mysql.
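
The permission problem described in the answer can be located before restarting the server. The following is an added example, not part of the original question or answer: it walks each component of a certificate path and prints the first one that a given uid/gid cannot search or read. It assumes GNU/BusyBox `stat`, assumes mysqld runs as the `mysql` account, and evaluates classic mode bits only (no ACLs, SELinux or supplementary groups); the function names and the script name `tlsperm.sh` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Classic mode bits only:
# ACLs, SELinux and supplementary groups are not evaluated.

# perm_digit UID GID PATH: print the rwx digit (0-7) that applies to UID/GID.
perm_digit() {
    st=$(stat -c '%a %u %g' "$3") || return 2     # GNU/BusyBox stat syntax
    mode=$(printf '%03d' $(( ${st%% *} % 1000 ))) # drop setuid/setgid/sticky digit
    rest=${st#* }; owner=${rest% *}; group=${rest#* }
    if   [ "$1" = "$owner" ]; then echo "${mode%??}"
    elif [ "$2" = "$group" ]; then t=${mode#?}; echo "${t%?}"
    else echo "${mode#??}"
    fi
}

# first_blocked UID GID PATH: print the first component of PATH that UID/GID
# cannot search (directory, x bit) or read (file, r bit); print "ok" if none.
# Pass absolute paths in real use so every ancestor directory is checked.
first_blocked() {
    uid=$1; gid=$2; path=$3
    case $path in /*) cur="" ;; *) cur="." ;; esac
    old_ifs=$IFS; IFS=/; set -f; set -- $path; set +f; IFS=$old_ifs
    for part in "$@"; do
        [ -n "$part" ] || continue
        cur="$cur/$part"
        d=$(perm_digit "$uid" "$gid" "$cur") || { echo "missing:$cur"; return 0; }
        if [ -d "$cur" ]; then need=1; else need=4; fi
        if [ $(( d & need )) -eq 0 ]; then echo "$cur"; return 0; fi
    done
    echo ok
}

# Usage as root (hypothetical invocation):
#   sh tlsperm.sh mysql /root/ca.pem /root/server-cert.pem /root/server-key.pem
if [ "$#" -ge 2 ]; then
    user=$1; shift
    for f in "$@"; do
        printf '%s: %s\n' "$f" \
            "$(first_blocked "$(id -u "$user")" "$(id -g "$user")" "$f")"
    done
fi
```

A result of `ok` for all three files means ownership and mode bits are not what is blocking mysqld; any other output names the directory or file whose permissions need changing.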
